chiark / gitweb /
bus: make sure we don't try to malloc 0 bytes
[elogind.git] / src / libsystemd-bus / bus-message.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4   This file is part of systemd.
5
6   Copyright 2013 Lennart Poettering
7
8   systemd is free software; you can redistribute it and/or modify it
9   under the terms of the GNU Lesser General Public License as published by
10   the Free Software Foundation; either version 2.1 of the License, or
11   (at your option) any later version.
12
13   systemd is distributed in the hope that it will be useful, but
14   WITHOUT ANY WARRANTY; without even the implied warranty of
15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16   Lesser General Public License for more details.
17
18   You should have received a copy of the GNU Lesser General Public License
19   along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <sys/mman.h>
25
26 #include "util.h"
27 #include "utf8.h"
28 #include "strv.h"
29 #include "time-util.h"
30 #include "cgroup-util.h"
31
32 #include "sd-bus.h"
33 #include "bus-message.h"
34 #include "bus-internal.h"
35 #include "bus-type.h"
36 #include "bus-signature.h"
37
38 static int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored);
39
40 static void *adjust_pointer(const void *p, void *old_base, size_t sz, void *new_base) {
41
42         if (p == NULL)
43                 return NULL;
44
45         if (old_base == new_base)
46                 return (void*) p;
47
48         if ((uint8_t*) p < (uint8_t*) old_base)
49                 return (void*) p;
50
51         if ((uint8_t*) p >= (uint8_t*) old_base + sz)
52                 return (void*) p;
53
54         return (uint8_t*) new_base + ((uint8_t*) p - (uint8_t*) old_base);
55 }
56
57 static void message_free_part(sd_bus_message *m, struct bus_body_part *part) {
58         assert(m);
59         assert(part);
60
61         if (part->memfd >= 0) {
62                 /* If we can reuse the memfd, try that. For that it
63                  * can't be sealed yet. */
64
65                 if (!part->sealed)
66                         bus_kernel_push_memfd(m->bus, part->memfd, part->data, part->mapped);
67                 else {
68                         if (part->mapped > 0)
69                                 assert_se(munmap(part->data, part->mapped) == 0);
70
71                         close_nointr_nofail(part->memfd);
72                 }
73
74         } else if (part->munmap_this)
75                 munmap(part->data, part->mapped);
76         else if (part->free_this)
77                 free(part->data);
78
79         if (part != &m->body)
80                 free(part);
81 }
82
83 static void message_reset_parts(sd_bus_message *m) {
84         struct bus_body_part *part;
85
86         assert(m);
87
88         part = &m->body;
89         while (m->n_body_parts > 0) {
90                 struct bus_body_part *next = part->next;
91                 message_free_part(m, part);
92                 part = next;
93                 m->n_body_parts--;
94         }
95
96         m->body_end = NULL;
97
98         m->cached_rindex_part = NULL;
99         m->cached_rindex_part_begin = 0;
100 }
101
102 static void message_reset_containers(sd_bus_message *m) {
103         unsigned i;
104
105         assert(m);
106
107         for (i = 0; i < m->n_containers; i++)
108                 free(m->containers[i].signature);
109
110         free(m->containers);
111         m->containers = NULL;
112
113         m->n_containers = 0;
114         m->root_container.index = 0;
115 }
116
117 static void message_free(sd_bus_message *m) {
118         assert(m);
119
120         if (m->free_header)
121                 free(m->header);
122
123         message_reset_parts(m);
124
125         if (m->free_kdbus)
126                 free(m->kdbus);
127
128         if (m->release_kdbus) {
129                 uint64_t off;
130
131                 off = (uint8_t *)m->kdbus - (uint8_t *)m->bus->kdbus_buffer;
132                 ioctl(m->bus->input_fd, KDBUS_CMD_MSG_RELEASE, &off);
133         }
134
135         if (m->bus)
136                 sd_bus_unref(m->bus);
137
138         if (m->free_fds) {
139                 close_many(m->fds, m->n_fds);
140                 free(m->fds);
141         }
142
143         if (m->iovec != m->iovec_fixed)
144                 free(m->iovec);
145
146         free(m->cmdline_array);
147
148         message_reset_containers(m);
149         free(m->root_container.signature);
150
151         free(m->peeked_signature);
152
153         free(m->unit);
154         free(m->user_unit);
155         free(m->session);
156         free(m);
157 }
158
159 static void *message_extend_fields(sd_bus_message *m, size_t align, size_t sz) {
160         void *op, *np;
161         size_t old_size, new_size, start;
162
163         assert(m);
164
165         if (m->poisoned)
166                 return NULL;
167
168         old_size = sizeof(struct bus_header) + m->header->fields_size;
169         start = ALIGN_TO(old_size, align);
170         new_size = start + sz;
171
172         if (old_size == new_size)
173                 return (uint8_t*) m->header + old_size;
174
175         if (new_size > (size_t) ((uint32_t) -1))
176                 goto poison;
177
178         if (m->free_header) {
179                 np = realloc(m->header, ALIGN8(new_size));
180                 if (!np)
181                         goto poison;
182         } else {
183                 /* Initially, the header is allocated as part of of
184                  * the sd_bus_message itself, let's replace it by
185                  * dynamic data */
186
187                 np = malloc(ALIGN8(new_size));
188                 if (!np)
189                         goto poison;
190
191                 memcpy(np, m->header, sizeof(struct bus_header));
192         }
193
194         /* Zero out padding */
195         if (start > old_size)
196                 memset((uint8_t*) np + old_size, 0, start - old_size);
197
198         op = m->header;
199         m->header = np;
200         m->header->fields_size = new_size - sizeof(struct bus_header);
201
202         /* Adjust quick access pointers */
203         m->path = adjust_pointer(m->path, op, old_size, m->header);
204         m->interface = adjust_pointer(m->interface, op, old_size, m->header);
205         m->member = adjust_pointer(m->member, op, old_size, m->header);
206         m->destination = adjust_pointer(m->destination, op, old_size, m->header);
207         m->sender = adjust_pointer(m->sender, op, old_size, m->header);
208         m->error.name = adjust_pointer(m->error.name, op, old_size, m->header);
209
210         m->free_header = true;
211
212         return (uint8_t*) np + start;
213
214 poison:
215         m->poisoned = true;
216         return NULL;
217 }
218
219 static int message_append_field_string(
220                 sd_bus_message *m,
221                 uint8_t h,
222                 char type,
223                 const char *s,
224                 const char **ret) {
225
226         size_t l;
227         uint8_t *p;
228
229         assert(m);
230
231         l = strlen(s);
232         if (l > (size_t) (uint32_t) -1)
233                 return -EINVAL;
234
235         /* field id byte + signature length + signature 's' + NUL + string length + string + NUL */
236         p = message_extend_fields(m, 8, 4 + 4 + l + 1);
237         if (!p)
238                 return -ENOMEM;
239
240         p[0] = h;
241         p[1] = 1;
242         p[2] = type;
243         p[3] = 0;
244
245         ((uint32_t*) p)[1] = l;
246         memcpy(p + 8, s, l + 1);
247
248         if (ret)
249                 *ret = (char*) p + 8;
250
251         return 0;
252 }
253
254 static int message_append_field_signature(
255                 sd_bus_message *m,
256                 uint8_t h,
257                 const char *s,
258                 const char **ret) {
259
260         size_t l;
261         uint8_t *p;
262
263         assert(m);
264
265         l = strlen(s);
266         if (l > 255)
267                 return -EINVAL;
268
269         /* field id byte + signature length + signature 'g' + NUL + string length + string + NUL */
270         p = message_extend_fields(m, 8, 4 + 1 + l + 1);
271         if (!p)
272                 return -ENOMEM;
273
274         p[0] = h;
275         p[1] = 1;
276         p[2] = SD_BUS_TYPE_SIGNATURE;
277         p[3] = 0;
278         p[4] = l;
279         memcpy(p + 5, s, l + 1);
280
281         if (ret)
282                 *ret = (const char*) p + 5;
283
284         return 0;
285 }
286
287 static int message_append_field_uint32(sd_bus_message *m, uint8_t h, uint32_t x) {
288         uint8_t *p;
289
290         assert(m);
291
292         /* field id byte + signature length + signature 'u' + NUL + value */
293         p = message_extend_fields(m, 8, 4 + 4);
294         if (!p)
295                 return -ENOMEM;
296
297         p[0] = h;
298         p[1] = 1;
299         p[2] = SD_BUS_TYPE_UINT32;
300         p[3] = 0;
301
302         ((uint32_t*) p)[1] = x;
303
304         return 0;
305 }
306
307 int bus_message_from_header(
308                 void *buffer,
309                 size_t length,
310                 int *fds,
311                 unsigned n_fds,
312                 const struct ucred *ucred,
313                 const char *label,
314                 size_t extra,
315                 sd_bus_message **ret) {
316
317         sd_bus_message *m;
318         struct bus_header *h;
319         size_t a, label_sz;
320
321         assert(buffer || length <= 0);
322         assert(fds || n_fds <= 0);
323         assert(ret);
324
325         if (length < sizeof(struct bus_header))
326                 return -EBADMSG;
327
328         h = buffer;
329         if (h->version != 1)
330                 return -EBADMSG;
331
332         if (h->serial == 0)
333                 return -EBADMSG;
334
335         if (h->type == _SD_BUS_MESSAGE_TYPE_INVALID)
336                 return -EBADMSG;
337
338         if (h->endian != SD_BUS_LITTLE_ENDIAN &&
339             h->endian != SD_BUS_BIG_ENDIAN)
340                 return -EBADMSG;
341
342         a = ALIGN(sizeof(sd_bus_message)) + ALIGN(extra);
343
344         if (label) {
345                 label_sz = strlen(label);
346                 a += label_sz + 1;
347         }
348
349         m = malloc0(a);
350         if (!m)
351                 return -ENOMEM;
352
353         m->n_ref = 1;
354         m->sealed = true;
355         m->header = h;
356         m->fds = fds;
357         m->n_fds = n_fds;
358
359         if (ucred) {
360                 m->uid = ucred->uid;
361                 m->pid = ucred->pid;
362                 m->gid = ucred->gid;
363                 m->uid_valid = m->gid_valid = true;
364         }
365
366         if (label) {
367                 m->label = (char*) m + ALIGN(sizeof(sd_bus_message)) + ALIGN(extra);
368                 memcpy(m->label, label, label_sz + 1);
369         }
370
371         *ret = m;
372         return 0;
373 }
374
375 int bus_message_from_malloc(
376                 void *buffer,
377                 size_t length,
378                 int *fds,
379                 unsigned n_fds,
380                 const struct ucred *ucred,
381                 const char *label,
382                 sd_bus_message **ret) {
383
384         sd_bus_message *m;
385         int r;
386
387         r = bus_message_from_header(buffer, length, fds, n_fds, ucred, label, 0, &m);
388         if (r < 0)
389                 return r;
390
391         if (length != BUS_MESSAGE_SIZE(m)) {
392                 r = -EBADMSG;
393                 goto fail;
394         }
395
396         m->n_body_parts = 1;
397         m->body.data = (uint8_t*) buffer + sizeof(struct bus_header) + ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m));
398         m->body.size = length - sizeof(struct bus_header) - ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m));
399         m->body.sealed = true;
400         m->body.memfd = -1;
401
402         m->n_iovec = 1;
403         m->iovec = m->iovec_fixed;
404         m->iovec[0].iov_base = buffer;
405         m->iovec[0].iov_len = length;
406
407         r = bus_message_parse_fields(m);
408         if (r < 0)
409                 goto fail;
410
411         /* We take possession of the memory and fds now */
412         m->free_header = true;
413         m->free_fds = true;
414
415         *ret = m;
416         return 0;
417
418 fail:
419         message_free(m);
420         return r;
421 }
422
423 static sd_bus_message *message_new(sd_bus *bus, uint8_t type) {
424         sd_bus_message *m;
425
426         m = malloc0(ALIGN(sizeof(sd_bus_message)) + sizeof(struct bus_header));
427         if (!m)
428                 return NULL;
429
430         m->n_ref = 1;
431         m->header = (struct bus_header*) ((uint8_t*) m + ALIGN(sizeof(struct sd_bus_message)));
432         m->header->endian = SD_BUS_NATIVE_ENDIAN;
433         m->header->type = type;
434         m->header->version = bus ? bus->message_version : 1;
435         m->allow_fds = !bus || bus->can_fds || (bus->state != BUS_HELLO && bus->state != BUS_RUNNING);
436
437         if (bus)
438                 m->bus = sd_bus_ref(bus);
439
440         return m;
441 }
442
443 int sd_bus_message_new_signal(
444                 sd_bus *bus,
445                 const char *path,
446                 const char *interface,
447                 const char *member,
448                 sd_bus_message **m) {
449
450         sd_bus_message *t;
451         int r;
452
453         if (!path)
454                 return -EINVAL;
455         if (!interface)
456                 return -EINVAL;
457         if (!member)
458                 return -EINVAL;
459         if (!m)
460                 return -EINVAL;
461         if (bus && bus->state == BUS_UNSET)
462                 return -ENOTCONN;
463
464         t = message_new(bus, SD_BUS_MESSAGE_TYPE_SIGNAL);
465         if (!t)
466                 return -ENOMEM;
467
468         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
469
470         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_PATH, SD_BUS_TYPE_OBJECT_PATH, path, &t->path);
471         if (r < 0)
472                 goto fail;
473         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_INTERFACE, SD_BUS_TYPE_STRING, interface, &t->interface);
474         if (r < 0)
475                 goto fail;
476         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_MEMBER, SD_BUS_TYPE_STRING, member, &t->member);
477         if (r < 0)
478                 goto fail;
479
480         *m = t;
481         return 0;
482
483 fail:
484         sd_bus_message_unref(t);
485         return r;
486 }
487
488 int sd_bus_message_new_method_call(
489                 sd_bus *bus,
490                 const char *destination,
491                 const char *path,
492                 const char *interface,
493                 const char *member,
494                 sd_bus_message **m) {
495
496         sd_bus_message *t;
497         int r;
498
499         if (destination && !service_name_is_valid(destination))
500                 return -EINVAL;
501         if (!object_path_is_valid(path))
502                 return -EINVAL;
503         if (interface && !interface_name_is_valid(interface))
504                 return -EINVAL;
505         if (!member_name_is_valid(member))
506                 return -EINVAL;
507         if (!m)
508                 return -EINVAL;
509         if (bus && bus->state == BUS_UNSET)
510                 return -ENOTCONN;
511
512         t = message_new(bus, SD_BUS_MESSAGE_TYPE_METHOD_CALL);
513         if (!t)
514                 return -ENOMEM;
515
516         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_PATH, SD_BUS_TYPE_OBJECT_PATH, path, &t->path);
517         if (r < 0)
518                 goto fail;
519         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_MEMBER, SD_BUS_TYPE_STRING, member, &t->member);
520         if (r < 0)
521                 goto fail;
522
523         if (interface) {
524                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_INTERFACE, SD_BUS_TYPE_STRING, interface, &t->interface);
525                 if (r < 0)
526                         goto fail;
527         }
528
529         if (destination) {
530                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, destination, &t->destination);
531                 if (r < 0)
532                         goto fail;
533         }
534
535         *m = t;
536         return 0;
537
538 fail:
539         message_free(t);
540         return r;
541 }
542
543 static int message_new_reply(
544                 sd_bus *bus,
545                 sd_bus_message *call,
546                 uint8_t type,
547                 sd_bus_message **m) {
548
549         sd_bus_message *t;
550         int r;
551
552         if (!call)
553                 return -EINVAL;
554         if (!call->sealed)
555                 return -EPERM;
556         if (call->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
557                 return -EINVAL;
558         if (!m)
559                 return -EINVAL;
560         if (bus && bus->state == BUS_UNSET)
561                 return -ENOTCONN;
562
563         t = message_new(bus, type);
564         if (!t)
565                 return -ENOMEM;
566
567         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
568         t->reply_serial = BUS_MESSAGE_SERIAL(call);
569
570         r = message_append_field_uint32(t, SD_BUS_MESSAGE_HEADER_REPLY_SERIAL, t->reply_serial);
571         if (r < 0)
572                 goto fail;
573
574         if (call->sender) {
575                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, call->sender, &t->destination);
576                 if (r < 0)
577                         goto fail;
578         }
579
580         t->dont_send = !!(call->header->flags & SD_BUS_MESSAGE_NO_REPLY_EXPECTED);
581
582         *m = t;
583         return 0;
584
585 fail:
586         message_free(t);
587         return r;
588 }
589
590 int sd_bus_message_new_method_return(
591                 sd_bus *bus,
592                 sd_bus_message *call,
593                 sd_bus_message **m) {
594
595         return message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_RETURN, m);
596 }
597
598 int sd_bus_message_new_method_error(
599                 sd_bus *bus,
600                 sd_bus_message *call,
601                 const sd_bus_error *e,
602                 sd_bus_message **m) {
603
604         sd_bus_message *t;
605         int r;
606
607         if (!sd_bus_error_is_set(e))
608                 return -EINVAL;
609         if (!m)
610                 return -EINVAL;
611
612         r = message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_ERROR, &t);
613         if (r < 0)
614                 return r;
615
616         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_ERROR_NAME, SD_BUS_TYPE_STRING, e->name, &t->error.name);
617         if (r < 0)
618                 goto fail;
619
620         if (e->message) {
621                 r = message_append_basic(t, SD_BUS_TYPE_STRING, e->message, (const void**) &t->error.message);
622                 if (r < 0)
623                         goto fail;
624         }
625
626         *m = t;
627         return 0;
628
629 fail:
630         message_free(t);
631         return r;
632 }
633
634 int sd_bus_message_new_method_errorf(
635                 sd_bus *bus,
636                 sd_bus_message *call,
637                 sd_bus_message **m,
638                 const char *name,
639                 const char *format,
640                 ...) {
641
642         sd_bus_message *t;
643         va_list ap;
644         int r;
645
646         if (!name)
647                 return -EINVAL;
648         if (!m)
649                 return -EINVAL;
650
651         r = message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_ERROR, &t);
652         if (r < 0)
653                 return r;
654
655         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_ERROR_NAME, SD_BUS_TYPE_STRING, name, &t->error.name);
656         if (r < 0)
657                 goto fail;
658
659         if (format) {
660                 _cleanup_free_ char *message = NULL;
661
662                 va_start(ap, format);
663                 r = vasprintf(&message, format, ap);
664                 va_end(ap);
665
666                 if (r < 0) {
667                         r = -ENOMEM;
668                         goto fail;
669                 }
670
671                 r = message_append_basic(t, SD_BUS_TYPE_STRING, message, (const void**) &t->error.message);
672                 if (r < 0)
673                         goto fail;
674         }
675
676         *m = t;
677         return 0;
678
679 fail:
680         message_free(t);
681         return r;
682 }
683
684 int bus_message_new_synthetic_error(
685                 sd_bus *bus,
686                 uint64_t serial,
687                 const sd_bus_error *e,
688                 sd_bus_message **m) {
689
690         sd_bus_message *t;
691         int r;
692
693         assert(sd_bus_error_is_set(e));
694         assert(m);
695
696         t = message_new(bus, SD_BUS_MESSAGE_TYPE_METHOD_ERROR);
697         if (!t)
698                 return -ENOMEM;
699
700         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
701         t->reply_serial = serial;
702
703         r = message_append_field_uint32(t, SD_BUS_MESSAGE_HEADER_REPLY_SERIAL, t->reply_serial);
704         if (r < 0)
705                 goto fail;
706
707         if (bus && bus->unique_name) {
708                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, bus->unique_name, &t->destination);
709                 if (r < 0)
710                         goto fail;
711         }
712
713         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_ERROR_NAME, SD_BUS_TYPE_STRING, e->name, &t->error.name);
714         if (r < 0)
715                 goto fail;
716
717         if (e->message) {
718                 r = message_append_basic(t, SD_BUS_TYPE_STRING, e->message, (const void**) &t->error.message);
719                 if (r < 0)
720                         goto fail;
721         }
722
723         *m = t;
724         return 0;
725
726 fail:
727         message_free(t);
728         return r;
729 }
730
731 sd_bus_message* sd_bus_message_ref(sd_bus_message *m) {
732         if (!m)
733                 return NULL;
734
735         assert(m->n_ref > 0);
736         m->n_ref++;
737
738         return m;
739 }
740
741 sd_bus_message* sd_bus_message_unref(sd_bus_message *m) {
742         if (!m)
743                 return NULL;
744
745         assert(m->n_ref > 0);
746         m->n_ref--;
747
748         if (m->n_ref <= 0)
749                 message_free(m);
750
751         return NULL;
752 }
753
754 int sd_bus_message_get_type(sd_bus_message *m, uint8_t *type) {
755         if (!m)
756                 return -EINVAL;
757         if (!type)
758                 return -EINVAL;
759
760         *type = m->header->type;
761         return 0;
762 }
763
764 int sd_bus_message_get_serial(sd_bus_message *m, uint64_t *serial) {
765         if (!m)
766                 return -EINVAL;
767         if (!serial)
768                 return -EINVAL;
769         if (m->header->serial == 0)
770                 return -ENOENT;
771
772         *serial = BUS_MESSAGE_SERIAL(m);
773         return 0;
774 }
775
776 int sd_bus_message_get_reply_serial(sd_bus_message *m, uint64_t *serial) {
777         if (!m)
778                 return -EINVAL;
779         if (!serial)
780                 return -EINVAL;
781         if (m->reply_serial == 0)
782                 return -ENOENT;
783
784         *serial = m->reply_serial;
785         return 0;
786 }
787
788 int sd_bus_message_get_no_reply(sd_bus_message *m) {
789         if (!m)
790                 return -EINVAL;
791
792         return m->header->type == SD_BUS_MESSAGE_TYPE_METHOD_CALL ? !!(m->header->flags & SD_BUS_MESSAGE_NO_REPLY_EXPECTED) : 0;
793 }
794
795 const char *sd_bus_message_get_path(sd_bus_message *m) {
796         if (!m)
797                 return NULL;
798
799         return m->path;
800 }
801
802 const char *sd_bus_message_get_interface(sd_bus_message *m) {
803         if (!m)
804                 return NULL;
805
806         return m->interface;
807 }
808
809 const char *sd_bus_message_get_member(sd_bus_message *m) {
810         if (!m)
811                 return NULL;
812
813         return m->member;
814 }
815 const char *sd_bus_message_get_destination(sd_bus_message *m) {
816         if (!m)
817                 return NULL;
818
819         return m->destination;
820 }
821
822 const char *sd_bus_message_get_sender(sd_bus_message *m) {
823         if (!m)
824                 return NULL;
825
826         return m->sender;
827 }
828
829 const sd_bus_error *sd_bus_message_get_error(sd_bus_message *m) {
830         if (!m)
831                 return NULL;
832
833         if (!sd_bus_error_is_set(&m->error))
834                 return NULL;
835
836         return &m->error;
837 }
838
839 int sd_bus_message_get_uid(sd_bus_message *m, uid_t *uid) {
840         if (!m)
841                 return -EINVAL;
842         if (!uid)
843                 return -EINVAL;
844         if (!m->uid_valid)
845                 return -ESRCH;
846
847         *uid = m->uid;
848         return 0;
849 }
850
851 int sd_bus_message_get_gid(sd_bus_message *m, gid_t *gid) {
852         if (!m)
853                 return -EINVAL;
854         if (!gid)
855                 return -EINVAL;
856         if (!m->gid_valid)
857                 return -ESRCH;
858
859         *gid = m->gid;
860         return 0;
861 }
862
863 int sd_bus_message_get_pid(sd_bus_message *m, pid_t *pid) {
864         if (!m)
865                 return -EINVAL;
866         if (!pid)
867                 return -EINVAL;
868         if (m->pid <= 0)
869                 return -ESRCH;
870
871         *pid = m->pid;
872         return 0;
873 }
874
875 int sd_bus_message_get_tid(sd_bus_message *m, pid_t *tid) {
876         if (!m)
877                 return -EINVAL;
878         if (!tid)
879                 return -EINVAL;
880         if (m->tid <= 0)
881                 return -ESRCH;
882
883         *tid = m->tid;
884         return 0;
885 }
886
887 int sd_bus_message_get_pid_starttime(sd_bus_message *m, uint64_t *usec) {
888         if (!m)
889                 return -EINVAL;
890         if (!usec)
891                 return -EINVAL;
892         if (m->pid_starttime <= 0)
893                 return -ESRCH;
894
895         *usec = m->pid_starttime;
896         return 0;
897 }
898
899 int sd_bus_message_get_selinux_context(sd_bus_message *m, const char **ret) {
900         if (!m)
901                 return -EINVAL;
902         if (!m->label)
903                 return -ESRCH;
904
905         *ret = m->label;
906         return 0;
907 }
908
909 int sd_bus_message_get_monotonic_timestamp(sd_bus_message *m, uint64_t *usec) {
910         if (!m)
911                 return -EINVAL;
912         if (!usec)
913                 return -EINVAL;
914         if (m->monotonic <= 0)
915                 return -ESRCH;
916
917         *usec = m->monotonic;
918         return 0;
919 }
920
921 int sd_bus_message_get_realtime_timestamp(sd_bus_message *m, uint64_t *usec) {
922         if (!m)
923                 return -EINVAL;
924         if (!usec)
925                 return -EINVAL;
926         if (m->realtime <= 0)
927                 return -ESRCH;
928
929         *usec = m->realtime;
930         return 0;
931 }
932
933 int sd_bus_message_get_comm(sd_bus_message *m, const char **ret) {
934         if (!m)
935                 return -EINVAL;
936         if (!ret)
937                 return -EINVAL;
938         if (!m->comm)
939                 return -ESRCH;
940
941         *ret = m->comm;
942         return 0;
943 }
944
945 int sd_bus_message_get_tid_comm(sd_bus_message *m, const char **ret) {
946         if (!m)
947                 return -EINVAL;
948         if (!ret)
949                 return -EINVAL;
950         if (!m->tid_comm)
951                 return -ESRCH;
952
953         *ret = m->tid_comm;
954         return 0;
955 }
956
957 int sd_bus_message_get_exe(sd_bus_message *m, const char **ret) {
958         if (!m)
959                 return -EINVAL;
960         if (!ret)
961                 return -EINVAL;
962         if (!m->exe)
963                 return -ESRCH;
964
965         *ret = m->exe;
966         return 0;
967 }
968
969 int sd_bus_message_get_cgroup(sd_bus_message *m, const char **ret) {
970         if (!m)
971                 return -EINVAL;
972         if (!ret)
973                 return -EINVAL;
974         if (!m->cgroup)
975                 return -ESRCH;
976
977         *ret = m->cgroup;
978         return 0;
979 }
980
981 int sd_bus_message_get_unit(sd_bus_message *m, const char **ret) {
982         int r;
983
984         if (!m)
985                 return -EINVAL;
986         if (!ret)
987                 return -EINVAL;
988         if (!m->cgroup)
989                 return -ESRCH;
990
991         if (!m->unit) {
992                 r = cg_path_get_unit(m->cgroup, &m->unit);
993                 if (r < 0)
994                         return r;
995         }
996
997         *ret = m->unit;
998         return 0;
999 }
1000
1001 int sd_bus_message_get_user_unit(sd_bus_message *m, const char **ret) {
1002         int r;
1003
1004         if (!m)
1005                 return -EINVAL;
1006         if (!ret)
1007                 return -EINVAL;
1008         if (!m->cgroup)
1009                 return -ESRCH;
1010
1011         if (!m->user_unit) {
1012                 r = cg_path_get_user_unit(m->cgroup, &m->user_unit);
1013                 if (r < 0)
1014                         return r;
1015         }
1016
1017         *ret = m->user_unit;
1018         return 0;
1019 }
1020
1021 int sd_bus_message_get_session(sd_bus_message *m, const char **ret) {
1022         int r;
1023
1024         if (!m)
1025                 return -EINVAL;
1026         if (!ret)
1027                 return -EINVAL;
1028         if (!m->cgroup)
1029                 return -ESRCH;
1030
1031         if (!m->session) {
1032                 r = cg_path_get_session(m->cgroup, &m->session);
1033                 if (r < 0)
1034                         return r;
1035         }
1036
1037         *ret = m->session;
1038         return 0;
1039 }
1040
1041 int sd_bus_message_get_owner_uid(sd_bus_message *m, uid_t *uid) {
1042         if (!m)
1043                 return -EINVAL;
1044         if (!uid)
1045                 return -EINVAL;
1046         if (!m->cgroup)
1047                 return -ESRCH;
1048
1049         return cg_path_get_owner_uid(m->cgroup, uid);
1050 }
1051
1052 int sd_bus_message_get_cmdline(sd_bus_message *m, char ***cmdline) {
1053         size_t n, i;
1054         const char *p;
1055         bool first;
1056
1057         if (!m)
1058                 return -EINVAL;
1059
1060         if (!m->cmdline)
1061                 return -ENOENT;
1062
1063         for (p = m->cmdline, n = 0; p < m->cmdline + m->cmdline_length; p++)
1064                 if (*p == 0)
1065                         n++;
1066
1067         m->cmdline_array = new(char*, n + 1);
1068         if (!m->cmdline_array)
1069                 return -ENOMEM;
1070
1071         for (p = m->cmdline, i = 0, first = true; p < m->cmdline + m->cmdline_length; p++) {
1072                 if (first)
1073                         m->cmdline_array[i++] = (char*) p;
1074
1075                 first = *p == 0;
1076         }
1077
1078         m->cmdline_array[i] = NULL;
1079         *cmdline = m->cmdline_array;
1080
1081         return 0;
1082 }
1083
1084 int sd_bus_message_get_audit_sessionid(sd_bus_message *m, uint32_t *sessionid) {
1085         if (!m)
1086                 return -EINVAL;
1087         if (!sessionid)
1088                 return -EINVAL;
1089         if (!m->audit)
1090                 return -ESRCH;
1091
1092         *sessionid = m->audit->sessionid;
1093         return 0;
1094 }
1095
1096 int sd_bus_message_get_audit_loginuid(sd_bus_message *m, uid_t *uid) {
1097         if (!m)
1098                 return -EINVAL;
1099         if (!uid)
1100                 return -EINVAL;
1101         if (!m->audit)
1102                 return -ESRCH;
1103
1104         *uid = m->audit->loginuid;
1105         return 0;
1106 }
1107
1108 int sd_bus_message_has_effective_cap(sd_bus_message *m, int capability) {
1109         unsigned sz;
1110
1111         if (!m)
1112                 return -EINVAL;
1113         if (capability < 0)
1114                 return -EINVAL;
1115         if (!m->capability)
1116                 return -ESRCH;
1117
1118         sz = m->capability_size / 4;
1119         if ((unsigned) capability >= sz*8)
1120                 return 0;
1121
1122         return !!(m->capability[2 * sz + (capability / 8)] & (1 << (capability % 8)));
1123 }
1124
1125 int sd_bus_message_is_signal(sd_bus_message *m, const char *interface, const char *member) {
1126         if (!m)
1127                 return -EINVAL;
1128
1129         if (m->header->type != SD_BUS_MESSAGE_TYPE_SIGNAL)
1130                 return 0;
1131
1132         if (interface && (!m->interface || !streq(m->interface, interface)))
1133                 return 0;
1134
1135         if (member &&  (!m->member || !streq(m->member, member)))
1136                 return 0;
1137
1138         return 1;
1139 }
1140
1141 int sd_bus_message_is_method_call(sd_bus_message *m, const char *interface, const char *member) {
1142         if (!m)
1143                 return -EINVAL;
1144
1145         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
1146                 return 0;
1147
1148         if (interface && (!m->interface || !streq(m->interface, interface)))
1149                 return 0;
1150
1151         if (member &&  (!m->member || !streq(m->member, member)))
1152                 return 0;
1153
1154         return 1;
1155 }
1156
1157 int sd_bus_message_is_method_error(sd_bus_message *m, const char *name) {
1158         if (!m)
1159                 return -EINVAL;
1160
1161         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_ERROR)
1162                 return 0;
1163
1164         if (name && (!m->error.name || !streq(m->error.name, name)))
1165                 return 0;
1166
1167         return 1;
1168 }
1169
1170 int sd_bus_message_set_no_reply(sd_bus_message *m, int b) {
1171         if (!m)
1172                 return -EINVAL;
1173         if (m->sealed)
1174                 return -EPERM;
1175         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
1176                 return -EPERM;
1177
1178         if (b)
1179                 m->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
1180         else
1181                 m->header->flags &= ~SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
1182
1183         return 0;
1184 }
1185
1186 static struct bus_container *message_get_container(sd_bus_message *m) {
1187         assert(m);
1188
1189         if (m->n_containers == 0)
1190                 return &m->root_container;
1191
1192         assert(m->containers);
1193         return m->containers + m->n_containers - 1;
1194 }
1195
1196 struct bus_body_part *message_append_part(sd_bus_message *m) {
1197         struct bus_body_part *part;
1198
1199         assert(m);
1200
1201         if (m->poisoned)
1202                 return NULL;
1203
1204         if (m->n_body_parts <= 0) {
1205                 part = &m->body;
1206                 zero(*part);
1207         } else {
1208                 assert(m->body_end);
1209
1210                 part = new0(struct bus_body_part, 1);
1211                 if (!part) {
1212                         m->poisoned = true;
1213                         return NULL;
1214                 }
1215
1216                 m->body_end->next = part;
1217         }
1218
1219         part->memfd = -1;
1220         m->body_end = part;
1221         m->n_body_parts ++;
1222
1223         return part;
1224 }
1225
1226 static void part_zero(struct bus_body_part *part, size_t sz) {
1227         assert(part);
1228         assert(sz > 0);
1229         assert(sz < 8);
1230
1231         /* All other fields can be left in their defaults */
1232         assert(!part->data);
1233         assert(part->memfd < 0);
1234
1235         part->size = sz;
1236         part->is_zero = true;
1237         part->sealed = true;
1238 }
1239
1240 static int part_make_space(
1241                 struct sd_bus_message *m,
1242                 struct bus_body_part *part,
1243                 size_t sz,
1244                 void **q) {
1245
1246         void *n;
1247         int r;
1248
1249         assert(m);
1250         assert(part);
1251         assert(!part->sealed);
1252
1253         if (m->poisoned)
1254                 return -ENOMEM;
1255
1256         if (!part->data && part->memfd < 0)
1257                 part->memfd = bus_kernel_pop_memfd(m->bus, &part->data, &part->mapped);
1258
1259         if (part->memfd >= 0) {
1260                 uint64_t u = sz;
1261
1262                 r = ioctl(part->memfd, KDBUS_CMD_MEMFD_SIZE_SET, &u);
1263                 if (r < 0) {
1264                         m->poisoned = true;
1265                         return -errno;
1266                 }
1267
1268                 if (!part->data || sz > part->mapped) {
1269                         size_t psz = PAGE_ALIGN(sz > 0 ? sz : 1);
1270
1271                         if (part->mapped <= 0)
1272                                 n = mmap(NULL, psz, PROT_READ|PROT_WRITE, MAP_SHARED, part->memfd, 0);
1273                         else
1274                                 n = mremap(part->data, part->mapped, psz, MREMAP_MAYMOVE);
1275
1276                         if (n == MAP_FAILED) {
1277                                 m->poisoned = true;
1278                                 return -errno;
1279                         }
1280
1281                         part->mapped = psz;
1282                         part->data = n;
1283                 }
1284
1285                 part->munmap_this = true;
1286         } else {
1287                 n = realloc(part->data, MAX(sz, 1u));
1288                 if (!n) {
1289                         m->poisoned = true;
1290                         return -ENOMEM;
1291                 }
1292
1293                 part->data = n;
1294                 part->free_this = true;
1295         }
1296
1297         if (q)
1298                 *q = part->data ? (uint8_t*) part->data + part->size : NULL;
1299
1300         part->size = sz;
1301         return 0;
1302 }
1303
1304 static void message_extend_containers(sd_bus_message *m, size_t expand) {
1305         struct bus_container *c;
1306
1307         assert(m);
1308
1309         if (expand <= 0)
1310                 return;
1311
1312         /* Update counters */
1313         for (c = m->containers; c < m->containers + m->n_containers; c++)
1314                 if (c->array_size)
1315                         *c->array_size += expand;
1316 }
1317
1318 static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz) {
1319         struct bus_body_part *part = NULL;
1320         size_t start_body, end_body, padding, start_part, end_part, added;
1321         bool add_new_part;
1322         void *p;
1323         int r;
1324
1325         assert(m);
1326         assert(align > 0);
1327         assert(!m->sealed);
1328
1329         if (m->poisoned)
1330                 return NULL;
1331
1332         start_body = ALIGN_TO((size_t) m->header->body_size, align);
1333         end_body = start_body + sz;
1334
1335         padding = start_body - m->header->body_size;
1336         added = padding + sz;
1337
1338         /* Check for 32bit overflows */
1339         if (end_body > (size_t) ((uint32_t) -1)) {
1340                 m->poisoned = true;
1341                 return NULL;
1342         }
1343
1344         add_new_part =
1345                 m->n_body_parts <= 0 ||
1346                 m->body_end->sealed ||
1347                 padding != ALIGN_TO(m->body_end->size, align) - m->body_end->size;
1348
1349         if (add_new_part) {
1350                 if (padding > 0) {
1351                         part = message_append_part(m);
1352                         if (!part)
1353                                 return NULL;
1354
1355                         part_zero(part, padding);
1356                 }
1357
1358                 part = message_append_part(m);
1359                 if (!part)
1360                         return NULL;
1361
1362                 r = part_make_space(m, part, sz, &p);
1363                 if (r < 0)
1364                         return NULL;
1365         } else {
1366                 struct bus_container *c;
1367                 void *op;
1368                 size_t os;
1369
1370                 part = m->body_end;
1371                 op = part->data;
1372                 os = part->size;
1373
1374                 start_part = ALIGN_TO(part->size, align);
1375                 end_part = start_part + sz;
1376
1377                 r = part_make_space(m, part, end_part, &p);
1378                 if (r < 0)
1379                         return NULL;
1380
1381                 if (padding > 0) {
1382                         memset(p, 0, padding);
1383                         p = (uint8_t*) p + padding;
1384                 }
1385
1386                 /* Readjust pointers */
1387                 for (c = m->containers; c < m->containers + m->n_containers; c++)
1388                         c->array_size = adjust_pointer(c->array_size, op, os, part->data);
1389
1390                 m->error.message = (const char*) adjust_pointer(m->error.message, op, os, part->data);
1391         }
1392
1393         m->header->body_size = end_body;
1394         message_extend_containers(m, added);
1395
1396         return p;
1397 }
1398
1399 int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored) {
1400         struct bus_container *c;
1401         ssize_t align, sz;
1402         uint32_t k;
1403         void *a;
1404         int fd = -1;
1405         uint32_t fdi = 0;
1406         int r;
1407
1408         if (!m)
1409                 return -EINVAL;
1410         if (!p)
1411                 return -EINVAL;
1412         if (m->sealed)
1413                 return -EPERM;
1414         if (!bus_type_is_basic(type))
1415                 return -EINVAL;
1416         if (m->poisoned)
1417                 return -ESTALE;
1418
1419         c = message_get_container(m);
1420
1421         if (c->signature && c->signature[c->index]) {
1422                 /* Container signature is already set */
1423
1424                 if (c->signature[c->index] != type)
1425                         return -ENXIO;
1426         } else {
1427                 char *e;
1428
1429                 /* Maybe we can append to the signature? But only if this is the top-level container*/
1430                 if (c->enclosing != 0)
1431                         return -ENXIO;
1432
1433                 e = strextend(&c->signature, CHAR_TO_STR(type), NULL);
1434                 if (!e) {
1435                         m->poisoned = true;
1436                         return -ENOMEM;
1437                 }
1438         }
1439
1440         switch (type) {
1441
1442         case SD_BUS_TYPE_STRING:
1443         case SD_BUS_TYPE_OBJECT_PATH:
1444
1445                 align = 4;
1446                 sz = 4 + strlen(p) + 1;
1447                 break;
1448
1449         case SD_BUS_TYPE_SIGNATURE:
1450
1451                 align = 1;
1452                 sz = 1 + strlen(p) + 1;
1453                 break;
1454
1455         case SD_BUS_TYPE_BOOLEAN:
1456                 align = sz = 4;
1457
1458                 assert_cc(sizeof(int) == sizeof(uint32_t));
1459                 memcpy(&k, p, 4);
1460                 k = !!k;
1461                 p = &k;
1462                 break;
1463
1464         case SD_BUS_TYPE_UNIX_FD: {
1465                 int z, *f;
1466
1467                 if (!m->allow_fds) {
1468                         r = -ENOTSUP;
1469                         goto fail;
1470                 }
1471
1472                 align = sz = 4;
1473
1474                 z = *(int*) p;
1475                 if (z < 0) {
1476                         r = -EINVAL;
1477                         goto fail;
1478                 }
1479
1480                 fd = fcntl(z, F_DUPFD_CLOEXEC, 3);
1481                 if (fd < 0) {
1482                         r = -errno;
1483                         goto fail;
1484                 }
1485
1486                 f = realloc(m->fds, sizeof(int) * (m->n_fds + 1));
1487                 if (!f) {
1488                         m->poisoned = true;
1489                         r = -ENOMEM;
1490                         goto fail;
1491                 }
1492
1493                 fdi = m->n_fds;
1494                 f[fdi] = fd;
1495                 m->fds = f;
1496                 m->free_fds = true;
1497                 break;
1498         }
1499
1500         default:
1501                 align = bus_type_get_alignment(type);
1502                 sz = bus_type_get_size(type);
1503                 break;
1504         }
1505
1506         assert(align > 0);
1507         assert(sz > 0);
1508
1509         a = message_extend_body(m, align, sz);
1510         if (!a) {
1511                 r = -ENOMEM;
1512                 goto fail;
1513         }
1514
1515         if (type == SD_BUS_TYPE_STRING || type == SD_BUS_TYPE_OBJECT_PATH) {
1516                 *(uint32_t*) a = sz - 5;
1517                 memcpy((uint8_t*) a + 4, p, sz - 4);
1518
1519                 if (stored)
1520                         *stored = (const uint8_t*) a + 4;
1521
1522         } else if (type == SD_BUS_TYPE_SIGNATURE) {
1523                 *(uint8_t*) a = sz - 1;
1524                 memcpy((uint8_t*) a + 1, p, sz - 1);
1525
1526                 if (stored)
1527                         *stored = (const uint8_t*) a + 1;
1528         } else if (type == SD_BUS_TYPE_UNIX_FD) {
1529                 *(uint32_t*) a = fdi;
1530
1531                 if (stored)
1532                         *stored = a;
1533
1534                 m->n_fds ++;
1535
1536         } else {
1537                 memcpy(a, p, sz);
1538
1539                 if (stored)
1540                         *stored = a;
1541         }
1542
1543         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1544                 c->index++;
1545
1546         return 0;
1547
1548 fail:
1549         if (fd >= 0)
1550                 close_nointr_nofail(fd);
1551
1552         return r;
1553 }
1554
1555 int sd_bus_message_append_basic(sd_bus_message *m, char type, const void *p) {
1556         return message_append_basic(m, type, p, NULL);
1557 }
1558
1559 int sd_bus_message_append_string_space(sd_bus_message *m, size_t size, char **s) {
1560         struct bus_container *c;
1561         void *a;
1562
1563         if (!m)
1564                 return -EINVAL;
1565         if (!s)
1566                 return -EINVAL;
1567         if (m->sealed)
1568                 return -EPERM;
1569         if (m->poisoned)
1570                 return -ESTALE;
1571
1572         c = message_get_container(m);
1573
1574         if (c->signature && c->signature[c->index]) {
1575                 /* Container signature is already set */
1576
1577                 if (c->signature[c->index] != SD_BUS_TYPE_STRING)
1578                         return -ENXIO;
1579         } else {
1580                 char *e;
1581
1582                 /* Maybe we can append to the signature? But only if this is the top-level container*/
1583                 if (c->enclosing != 0)
1584                         return -ENXIO;
1585
1586                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRING), NULL);
1587                 if (!e) {
1588                         m->poisoned = true;
1589                         return -ENOMEM;
1590                 }
1591         }
1592
1593         a = message_extend_body(m, 4, 4 + size + 1);
1594         if (!a)
1595                 return -ENOMEM;
1596
1597         *(uint32_t*) a = size;
1598         *s = (char*) a + 4;
1599
1600         (*s)[size] = 0;
1601
1602         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1603                 c->index++;
1604
1605         return 0;
1606 }
1607
1608 static int bus_message_open_array(
1609                 sd_bus_message *m,
1610                 struct bus_container *c,
1611                 const char *contents,
1612                 uint32_t **array_size) {
1613
1614         unsigned nindex;
1615         void *a, *op;
1616         int alignment;
1617         size_t os;
1618         struct bus_body_part *o;
1619
1620         assert(m);
1621         assert(c);
1622         assert(contents);
1623         assert(array_size);
1624
1625         if (!signature_is_single(contents, true))
1626                 return -EINVAL;
1627
1628         alignment = bus_type_get_alignment(contents[0]);
1629         if (alignment < 0)
1630                 return alignment;
1631
1632         if (c->signature && c->signature[c->index]) {
1633
1634                 /* Verify the existing signature */
1635
1636                 if (c->signature[c->index] != SD_BUS_TYPE_ARRAY)
1637                         return -ENXIO;
1638
1639                 if (!startswith(c->signature + c->index + 1, contents))
1640                         return -ENXIO;
1641
1642                 nindex = c->index + 1 + strlen(contents);
1643         } else {
1644                 char *e;
1645
1646                 if (c->enclosing != 0)
1647                         return -ENXIO;
1648
1649                 /* Extend the existing signature */
1650
1651                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_ARRAY), contents, NULL);
1652                 if (!e) {
1653                         m->poisoned = true;
1654                         return -ENOMEM;
1655                 }
1656
1657                 nindex = e - c->signature;
1658         }
1659
1660         a = message_extend_body(m, 4, 4);
1661         if (!a)
1662                 return -ENOMEM;
1663
1664         o = m->body_end;
1665         op = m->body_end->data;
1666         os = m->body_end->size;
1667
1668         /* Add alignment between size and first element */
1669         if (!message_extend_body(m, alignment, 0))
1670                 return -ENOMEM;
1671
1672         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1673                 c->index = nindex;
1674
1675         /* location of array size might have changed so let's readjust a */
1676         if (o == m->body_end)
1677                 a = adjust_pointer(a, op, os, m->body_end->data);
1678
1679         *(uint32_t*) a = 0;
1680         *array_size = a;
1681         return 0;
1682 }
1683
1684 static int bus_message_open_variant(
1685                 sd_bus_message *m,
1686                 struct bus_container *c,
1687                 const char *contents) {
1688
1689         size_t l;
1690         void *a;
1691
1692         assert(m);
1693         assert(c);
1694         assert(contents);
1695
1696         if (!signature_is_single(contents, false))
1697                 return -EINVAL;
1698
1699         if (*contents == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
1700                 return -EINVAL;
1701
1702         if (c->signature && c->signature[c->index]) {
1703
1704                 if (c->signature[c->index] != SD_BUS_TYPE_VARIANT)
1705                         return -ENXIO;
1706
1707         } else {
1708                 char *e;
1709
1710                 if (c->enclosing != 0)
1711                         return -ENXIO;
1712
1713                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_VARIANT), NULL);
1714                 if (!e) {
1715                         m->poisoned = true;
1716                         return -ENOMEM;
1717                 }
1718         }
1719
1720         l = strlen(contents);
1721         a = message_extend_body(m, 1, 1 + l + 1);
1722         if (!a)
1723                 return -ENOMEM;
1724
1725         *(uint8_t*) a = l;
1726         memcpy((uint8_t*) a + 1, contents, l + 1);
1727
1728         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1729                 c->index++;
1730
1731         return 0;
1732 }
1733
1734 static int bus_message_open_struct(
1735                 sd_bus_message *m,
1736                 struct bus_container *c,
1737                 const char *contents) {
1738
1739         size_t nindex;
1740
1741         assert(m);
1742         assert(c);
1743         assert(contents);
1744
1745         if (!signature_is_valid(contents, false))
1746                 return -EINVAL;
1747
1748         if (c->signature && c->signature[c->index]) {
1749                 size_t l;
1750
1751                 l = strlen(contents);
1752
1753                 if (c->signature[c->index] != SD_BUS_TYPE_STRUCT_BEGIN ||
1754                     !startswith(c->signature + c->index + 1, contents) ||
1755                     c->signature[c->index + 1 + l] != SD_BUS_TYPE_STRUCT_END)
1756                         return -ENXIO;
1757
1758                 nindex = c->index + 1 + l + 1;
1759         } else {
1760                 char *e;
1761
1762                 if (c->enclosing != 0)
1763                         return -ENXIO;
1764
1765                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRUCT_BEGIN), contents, CHAR_TO_STR(SD_BUS_TYPE_STRUCT_END), NULL);
1766                 if (!e) {
1767                         m->poisoned = true;
1768                         return -ENOMEM;
1769                 }
1770
1771                 nindex = e - c->signature;
1772         }
1773
1774         /* Align contents to 8 byte boundary */
1775         if (!message_extend_body(m, 8, 0))
1776                 return -ENOMEM;
1777
1778         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1779                 c->index = nindex;
1780
1781         return 0;
1782 }
1783
1784 static int bus_message_open_dict_entry(
1785                 sd_bus_message *m,
1786                 struct bus_container *c,
1787                 const char *contents) {
1788
1789         size_t nindex;
1790
1791         assert(m);
1792         assert(c);
1793         assert(contents);
1794
1795         if (!signature_is_pair(contents))
1796                 return -EINVAL;
1797
1798         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1799                 return -ENXIO;
1800
1801         if (c->signature && c->signature[c->index]) {
1802                 size_t l;
1803
1804                 l = strlen(contents);
1805
1806                 if (c->signature[c->index] != SD_BUS_TYPE_DICT_ENTRY_BEGIN ||
1807                     !startswith(c->signature + c->index + 1, contents) ||
1808                     c->signature[c->index + 1 + l] != SD_BUS_TYPE_DICT_ENTRY_END)
1809                         return -ENXIO;
1810
1811                 nindex = c->index + 1 + l + 1;
1812         } else
1813                 return -ENXIO;
1814
1815         /* Align contents to 8 byte boundary */
1816         if (!message_extend_body(m, 8, 0))
1817                 return -ENOMEM;
1818
1819         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1820                 c->index = nindex;
1821
1822         return 0;
1823 }
1824
1825 int sd_bus_message_open_container(
1826                 sd_bus_message *m,
1827                 char type,
1828                 const char *contents) {
1829
1830         struct bus_container *c, *w;
1831         uint32_t *array_size = NULL;
1832         char *signature;
1833         size_t before;
1834         int r;
1835
1836         if (!m)
1837                 return -EINVAL;
1838         if (m->sealed)
1839                 return -EPERM;
1840         if (!contents)
1841                 return -EINVAL;
1842         if (m->poisoned)
1843                 return -ESTALE;
1844
1845         /* Make sure we have space for one more container */
1846         w = realloc(m->containers, sizeof(struct bus_container) * (m->n_containers + 1));
1847         if (!w) {
1848                 m->poisoned = true;
1849                 return -ENOMEM;
1850         }
1851
1852         m->containers = w;
1853
1854         c = message_get_container(m);
1855
1856         signature = strdup(contents);
1857         if (!signature) {
1858                 m->poisoned = true;
1859                 return -ENOMEM;
1860         }
1861
1862         /* Save old index in the parent container, in case we have to
1863          * abort this container */
1864         c->saved_index = c->index;
1865         before = m->header->body_size;
1866
1867         if (type == SD_BUS_TYPE_ARRAY)
1868                 r = bus_message_open_array(m, c, contents, &array_size);
1869         else if (type == SD_BUS_TYPE_VARIANT)
1870                 r = bus_message_open_variant(m, c, contents);
1871         else if (type == SD_BUS_TYPE_STRUCT)
1872                 r = bus_message_open_struct(m, c, contents);
1873         else if (type == SD_BUS_TYPE_DICT_ENTRY)
1874                 r = bus_message_open_dict_entry(m, c, contents);
1875         else
1876                 r = -EINVAL;
1877
1878         if (r < 0) {
1879                 free(signature);
1880                 return r;
1881         }
1882
1883         /* OK, let's fill it in */
1884         w += m->n_containers++;
1885         w->enclosing = type;
1886         w->signature = signature;
1887         w->index = 0;
1888         w->array_size = array_size;
1889         w->before = before;
1890         w->begin = m->rindex;
1891
1892         return 0;
1893 }
1894
1895 int sd_bus_message_close_container(sd_bus_message *m) {
1896         struct bus_container *c;
1897
1898         if (!m)
1899                 return -EINVAL;
1900         if (m->sealed)
1901                 return -EPERM;
1902         if (m->n_containers <= 0)
1903                 return -EINVAL;
1904         if (m->poisoned)
1905                 return -ESTALE;
1906
1907         c = message_get_container(m);
1908         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1909                 if (c->signature && c->signature[c->index] != 0)
1910                         return -EINVAL;
1911
1912         free(c->signature);
1913         m->n_containers--;
1914
1915         return 0;
1916 }
1917
1918 typedef struct {
1919         const char *types;
1920         unsigned n_struct;
1921         unsigned n_array;
1922 } TypeStack;
1923
1924 static int type_stack_push(TypeStack *stack, unsigned max, unsigned *i, const char *types, unsigned n_struct, unsigned n_array) {
1925         assert(stack);
1926         assert(max > 0);
1927
1928         if (*i >= max)
1929                 return -EINVAL;
1930
1931         stack[*i].types = types;
1932         stack[*i].n_struct = n_struct;
1933         stack[*i].n_array = n_array;
1934         (*i)++;
1935
1936         return 0;
1937 }
1938
1939 static int type_stack_pop(TypeStack *stack, unsigned max, unsigned *i, const char **types, unsigned *n_struct, unsigned *n_array) {
1940         assert(stack);
1941         assert(max > 0);
1942         assert(types);
1943         assert(n_struct);
1944         assert(n_array);
1945
1946         if (*i <= 0)
1947                 return 0;
1948
1949         (*i)--;
1950         *types = stack[*i].types;
1951         *n_struct = stack[*i].n_struct;
1952         *n_array = stack[*i].n_array;
1953
1954         return 1;
1955 }
1956
1957 int bus_message_append_ap(
1958                 sd_bus_message *m,
1959                 const char *types,
1960                 va_list ap) {
1961
1962         unsigned n_array, n_struct;
1963         TypeStack stack[BUS_CONTAINER_DEPTH];
1964         unsigned stack_ptr = 0;
1965         int r;
1966
1967         assert(m);
1968
1969         if (!types)
1970                 return 0;
1971
1972         n_array = (unsigned) -1;
1973         n_struct = strlen(types);
1974
1975         for (;;) {
1976                 const char *t;
1977
1978                 if (n_array == 0 || (n_array == (unsigned) -1 && n_struct == 0)) {
1979                         r = type_stack_pop(stack, ELEMENTSOF(stack), &stack_ptr, &types, &n_struct, &n_array);
1980                         if (r < 0)
1981                                 return r;
1982                         if (r == 0)
1983                                 break;
1984
1985                         r = sd_bus_message_close_container(m);
1986                         if (r < 0)
1987                                 return r;
1988
1989                         continue;
1990                 }
1991
1992                 t = types;
1993                 if (n_array != (unsigned) -1)
1994                         n_array --;
1995                 else {
1996                         types ++;
1997                         n_struct--;
1998                 }
1999
2000                 switch (*t) {
2001
2002                 case SD_BUS_TYPE_BYTE: {
2003                         uint8_t x;
2004
2005                         x = (uint8_t) va_arg(ap, int);
2006                         r = sd_bus_message_append_basic(m, *t, &x);
2007                         break;
2008                 }
2009
2010                 case SD_BUS_TYPE_BOOLEAN:
2011                 case SD_BUS_TYPE_INT32:
2012                 case SD_BUS_TYPE_UINT32:
2013                 case SD_BUS_TYPE_UNIX_FD: {
2014                         uint32_t x;
2015
2016                         /* We assume a boolean is the same as int32_t */
2017                         assert_cc(sizeof(int32_t) == sizeof(int));
2018
2019                         x = va_arg(ap, uint32_t);
2020                         r = sd_bus_message_append_basic(m, *t, &x);
2021                         break;
2022                 }
2023
2024                 case SD_BUS_TYPE_INT16:
2025                 case SD_BUS_TYPE_UINT16: {
2026                         uint16_t x;
2027
2028                         x = (uint16_t) va_arg(ap, int);
2029                         r = sd_bus_message_append_basic(m, *t, &x);
2030                         break;
2031                 }
2032
2033                 case SD_BUS_TYPE_INT64:
2034                 case SD_BUS_TYPE_UINT64:
2035                 case SD_BUS_TYPE_DOUBLE: {
2036                         uint64_t x;
2037
2038                         x = va_arg(ap, uint64_t);
2039                         r = sd_bus_message_append_basic(m, *t, &x);
2040                         break;
2041                 }
2042
2043                 case SD_BUS_TYPE_STRING:
2044                 case SD_BUS_TYPE_OBJECT_PATH:
2045                 case SD_BUS_TYPE_SIGNATURE: {
2046                         const char *x;
2047
2048                         x = va_arg(ap, const char*);
2049                         r = sd_bus_message_append_basic(m, *t, x);
2050                         break;
2051                 }
2052
2053                 case SD_BUS_TYPE_ARRAY: {
2054                         size_t k;
2055
2056                         r = signature_element_length(t + 1, &k);
2057                         if (r < 0)
2058                                 return r;
2059
2060                         {
2061                                 char s[k + 1];
2062                                 memcpy(s, t + 1, k);
2063                                 s[k] = 0;
2064
2065                                 r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, s);
2066                                 if (r < 0)
2067                                         return r;
2068                         }
2069
2070                         if (n_array == (unsigned) -1) {
2071                                 types += k;
2072                                 n_struct -= k;
2073                         }
2074
2075                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2076                         if (r < 0)
2077                                 return r;
2078
2079                         types = t + 1;
2080                         n_struct = k;
2081                         n_array = va_arg(ap, unsigned);
2082
2083                         break;
2084                 }
2085
2086                 case SD_BUS_TYPE_VARIANT: {
2087                         const char *s;
2088
2089                         s = va_arg(ap, const char*);
2090                         if (!s)
2091                                 return -EINVAL;
2092
2093                         r = sd_bus_message_open_container(m, SD_BUS_TYPE_VARIANT, s);
2094                         if (r < 0)
2095                                 return r;
2096
2097                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2098                         if (r < 0)
2099                                 return r;
2100
2101                         types = s;
2102                         n_struct = strlen(s);
2103                         n_array = (unsigned) -1;
2104
2105                         break;
2106                 }
2107
2108                 case SD_BUS_TYPE_STRUCT_BEGIN:
2109                 case SD_BUS_TYPE_DICT_ENTRY_BEGIN: {
2110                         size_t k;
2111
2112                         r = signature_element_length(t, &k);
2113                         if (r < 0)
2114                                 return r;
2115
2116                         {
2117                                 char s[k - 1];
2118
2119                                 memcpy(s, t + 1, k - 2);
2120                                 s[k - 2] = 0;
2121
2122                                 r = sd_bus_message_open_container(m, *t == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY, s);
2123                                 if (r < 0)
2124                                         return r;
2125                         }
2126
2127                         if (n_array == (unsigned) -1) {
2128                                 types += k - 1;
2129                                 n_struct -= k - 1;
2130                         }
2131
2132                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2133                         if (r < 0)
2134                                 return r;
2135
2136                         types = t + 1;
2137                         n_struct = k - 2;
2138                         n_array = (unsigned) -1;
2139
2140                         break;
2141                 }
2142
2143                 default:
2144                         r = -EINVAL;
2145                 }
2146
2147                 if (r < 0)
2148                         return r;
2149         }
2150
2151         return 0;
2152 }
2153
2154 int sd_bus_message_append(sd_bus_message *m, const char *types, ...) {
2155         va_list ap;
2156         int r;
2157
2158         if (!m)
2159                 return -EINVAL;
2160         if (m->sealed)
2161                 return -EPERM;
2162         if (m->poisoned)
2163                 return -ESTALE;
2164         if (!types)
2165                 return 0;
2166
2167         va_start(ap, types);
2168         r = bus_message_append_ap(m, types, ap);
2169         va_end(ap);
2170
2171         return r;
2172 }
2173
2174 int sd_bus_message_append_array_space(sd_bus_message *m, char type, size_t size, void **ptr) {
2175         ssize_t align, sz;
2176         void *a;
2177         int r;
2178
2179         if (!m)
2180                 return -EINVAL;
2181         if (m->sealed)
2182                 return -EPERM;
2183         if (!bus_type_is_trivial(type))
2184                 return -EINVAL;
2185         if (!ptr && size > 0)
2186                 return -EINVAL;
2187         if (m->poisoned)
2188                 return -ESTALE;
2189
2190         align = bus_type_get_alignment(type);
2191         sz = bus_type_get_size(type);
2192
2193         assert_se(align > 0);
2194         assert_se(sz > 0);
2195
2196         if (size % sz != 0)
2197                 return -EINVAL;
2198
2199         r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
2200         if (r < 0)
2201                 return r;
2202
2203         a = message_extend_body(m, align, size);
2204         if (!a)
2205                 return -ENOMEM;
2206
2207         r = sd_bus_message_close_container(m);
2208         if (r < 0)
2209                 return r;
2210
2211         *ptr = a;
2212         return 0;
2213 }
2214
2215 int sd_bus_message_append_array(sd_bus_message *m, char type, const void *ptr, size_t size) {
2216         int r;
2217         void *p;
2218
2219         if (!ptr && size > 0)
2220                 return -EINVAL;
2221
2222         r = sd_bus_message_append_array_space(m, type, size, &p);
2223         if (r < 0)
2224                 return r;
2225
2226         if (size > 0)
2227                 memcpy(p, ptr, size);
2228
2229         return 0;
2230 }
2231
2232 int sd_bus_message_append_array_memfd(sd_bus_message *m, char type, sd_memfd *memfd) {
2233         _cleanup_close_ int copy_fd = -1;
2234         struct bus_body_part *part;
2235         ssize_t align, sz;
2236         uint64_t size;
2237         void *a;
2238         int r;
2239
2240         if (!m)
2241                 return -EINVAL;
2242         if (!memfd)
2243                 return -EINVAL;
2244         if (m->sealed)
2245                 return -EPERM;
2246         if (!bus_type_is_trivial(type))
2247                 return -EINVAL;
2248         if (m->poisoned)
2249                 return -ESTALE;
2250
2251         r = sd_memfd_set_sealed(memfd, true);
2252         if (r < 0)
2253                 return r;
2254
2255         copy_fd = sd_memfd_dup_fd(memfd);
2256         if (copy_fd < 0)
2257                 return copy_fd;
2258
2259         r = sd_memfd_get_size(memfd, &size);
2260         if (r < 0)
2261                 return r;
2262
2263         align = bus_type_get_alignment(type);
2264         sz = bus_type_get_size(type);
2265
2266         assert_se(align > 0);
2267         assert_se(sz > 0);
2268
2269         if (size % sz != 0)
2270                 return -EINVAL;
2271
2272         if (size > (uint64_t) (uint32_t) -1)
2273                 return -EINVAL;
2274
2275         r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
2276         if (r < 0)
2277                 return r;
2278
2279         a = message_extend_body(m, align, 0);
2280         if (!a)
2281                 return -ENOMEM;
2282
2283         part = message_append_part(m);
2284         if (!part)
2285                 return -ENOMEM;
2286
2287         part->memfd = copy_fd;
2288         part->sealed = true;
2289         part->size = size;
2290         copy_fd = -1;
2291
2292         message_extend_containers(m, size);
2293         m->header->body_size += size;
2294
2295         return sd_bus_message_close_container(m);
2296 }
2297
2298 int sd_bus_message_append_string_memfd(sd_bus_message *m, sd_memfd *memfd) {
2299         _cleanup_close_ int copy_fd = -1;
2300         struct bus_body_part *part;
2301         struct bus_container *c;
2302         uint64_t size;
2303         void *a;
2304         int r;
2305
2306         assert_return(m, -EINVAL);
2307         assert_return(memfd, -EINVAL);
2308         assert_return(!m->sealed, -EPERM);
2309         assert_return(!m->poisoned, -ESTALE);
2310
2311         r = sd_memfd_set_sealed(memfd, true);
2312         if (r < 0)
2313                 return r;
2314
2315         copy_fd = sd_memfd_dup_fd(memfd);
2316         if (copy_fd < 0)
2317                 return copy_fd;
2318
2319         r = sd_memfd_get_size(memfd, &size);
2320         if (r < 0)
2321                 return r;
2322
2323         /* We require this to be NUL terminated */
2324         if (size == 0)
2325                 return -EINVAL;
2326
2327         if (size > (uint64_t) (uint32_t) -1)
2328                 return -EINVAL;
2329
2330         c = message_get_container(m);
2331         if (c->signature && c->signature[c->index]) {
2332                 /* Container signature is already set */
2333
2334                 if (c->signature[c->index] != SD_BUS_TYPE_STRING)
2335                         return -ENXIO;
2336         } else {
2337                 char *e;
2338
2339                 /* Maybe we can append to the signature? But only if this is the top-level container*/
2340                 if (c->enclosing != 0)
2341                         return -ENXIO;
2342
2343                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRING), NULL);
2344                 if (!e) {
2345                         m->poisoned = true;
2346                         return -ENOMEM;
2347                 }
2348         }
2349
2350         a = message_extend_body(m, 4, 4);
2351         if (!a)
2352                 return -ENOMEM;
2353
2354         *(uint32_t*) a = size - 1;
2355
2356         part = message_append_part(m);
2357         if (!part)
2358                 return -ENOMEM;
2359
2360         part->memfd = copy_fd;
2361         part->sealed = true;
2362         part->size = size;
2363         copy_fd = -1;
2364
2365         message_extend_containers(m, size);
2366         m->header->body_size += size;
2367
2368         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2369                 c->index++;
2370
2371         return 0;
2372 }
2373
2374 int sd_bus_message_append_strv(sd_bus_message *m, char **l) {
2375         char **i;
2376         int r;
2377
2378         assert_return(m, -EINVAL);
2379         assert_return(!m->sealed, -EPERM);
2380         assert_return(!m->poisoned, -ESTALE);
2381
2382         r = sd_bus_message_open_container(m, 'a', "s");
2383         if (r < 0)
2384                 return r;
2385
2386         STRV_FOREACH(i, l) {
2387                 r = sd_bus_message_append_basic(m, 's', *i);
2388                 if (r < 0)
2389                         return r;
2390         }
2391
2392         return sd_bus_message_close_container(m);
2393 }
2394
2395 int bus_body_part_map(struct bus_body_part *part) {
2396         void *p;
2397         size_t psz;
2398
2399         assert_se(part);
2400
2401         if (part->data)
2402                 return 0;
2403
2404         if (part->size <= 0)
2405                 return 0;
2406
2407         /* For smaller zero parts (as used for padding) we don't need to map anything... */
2408         if (part->memfd < 0 && part->is_zero && part->size < 8) {
2409                 static const uint8_t zeroes[7] = { };
2410                 part->data = (void*) zeroes;
2411                 return 0;
2412         }
2413
2414         psz = PAGE_ALIGN(part->size);
2415
2416         if (part->memfd >= 0)
2417                 p = mmap(NULL, psz, PROT_READ, MAP_SHARED, part->memfd, 0);
2418         else if (part->is_zero)
2419                 p = mmap(NULL, psz, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
2420         else
2421                 return -EINVAL;
2422
2423         if (p == MAP_FAILED)
2424                 return -errno;
2425
2426         part->mapped = psz;
2427         part->data = p;
2428         part->munmap_this = true;
2429
2430         return 0;
2431 }
2432
2433 void bus_body_part_unmap(struct bus_body_part *part) {
2434
2435         assert_se(part);
2436
2437         if (part->memfd < 0)
2438                 return;
2439
2440         if (!part->data)
2441                 return;
2442
2443         if (!part->munmap_this)
2444                 return;
2445
2446         assert_se(munmap(part->data, part->mapped) == 0);
2447
2448         part->data = NULL;
2449         part->mapped = 0;
2450         part->munmap_this = false;
2451
2452         return;
2453 }
2454
2455 static int buffer_peek(const void *p, uint32_t sz, size_t *rindex, size_t align, size_t nbytes, void **r) {
2456         size_t k, start, end;
2457
2458         assert(rindex);
2459         assert(align > 0);
2460
2461         start = ALIGN_TO((size_t) *rindex, align);
2462         end = start + nbytes;
2463
2464         if (end > sz)
2465                 return -EBADMSG;
2466
2467         /* Verify that padding is 0 */
2468         for (k = *rindex; k < start; k++)
2469                 if (((const uint8_t*) p)[k] != 0)
2470                         return -EBADMSG;
2471
2472         if (r)
2473                 *r = (uint8_t*) p + start;
2474
2475         *rindex = end;
2476
2477         return 1;
2478 }
2479
2480 static bool message_end_of_array(sd_bus_message *m, size_t index) {
2481         struct bus_container *c;
2482
2483         assert(m);
2484
2485         c = message_get_container(m);
2486         if (!c->array_size)
2487                 return false;
2488
2489         return index >= c->begin + BUS_MESSAGE_BSWAP32(m, *c->array_size);
2490 }
2491
2492 static struct bus_body_part* find_part(sd_bus_message *m, size_t index, size_t sz, void **p) {
2493         struct bus_body_part *part;
2494         size_t begin;
2495         int r;
2496
2497         assert(m);
2498
2499         if (m->cached_rindex_part && index >= m->cached_rindex_part_begin) {
2500                 part = m->cached_rindex_part;
2501                 begin = m->cached_rindex_part_begin;
2502         } else {
2503                 part = &m->body;
2504                 begin = 0;
2505         }
2506
2507         while (part) {
2508                 if (index < begin)
2509                         return NULL;
2510
2511                 if (index + sz <= begin + part->size) {
2512
2513                         r = bus_body_part_map(part);
2514                         if (r < 0)
2515                                 return NULL;
2516
2517                         if (p)
2518                                 *p = (uint8_t*) part->data + index - begin;
2519
2520                         m->cached_rindex_part = part;
2521                         m->cached_rindex_part_begin = begin;
2522
2523                         return part;
2524                 }
2525
2526                 begin += part->size;
2527                 part = part->next;
2528         }
2529
2530         return NULL;
2531 }
2532
2533 static int message_peek_body(
2534                 sd_bus_message *m,
2535                 size_t *rindex,
2536                 size_t align,
2537                 size_t nbytes,
2538                 void **ret) {
2539
2540         size_t k, start, end, padding;
2541         struct bus_body_part *part;
2542         uint8_t *q;
2543
2544         assert(m);
2545         assert(rindex);
2546         assert(align > 0);
2547
2548         if (message_end_of_array(m, *rindex))
2549                 return 0;
2550
2551         start = ALIGN_TO((size_t) *rindex, align);
2552         padding = start - *rindex;
2553         end = start + nbytes;
2554
2555         if (end > BUS_MESSAGE_BODY_SIZE(m))
2556                 return -EBADMSG;
2557
2558         part = find_part(m, *rindex, padding, (void**) &q);
2559         if (!part)
2560                 return -EBADMSG;
2561
2562         if (q) {
2563                 /* Verify padding */
2564                 for (k = 0; k < padding; k++)
2565                         if (q[k] != 0)
2566                                 return -EBADMSG;
2567         }
2568
2569         part = find_part(m, start, nbytes, (void**) &q);
2570         if (!part || !q)
2571                 return -EBADMSG;
2572
2573         *rindex = end;
2574
2575         if (ret)
2576                 *ret = q;
2577
2578         return 1;
2579 }
2580
2581 static bool validate_nul(const char *s, size_t l) {
2582
2583         /* Check for NUL chars in the string */
2584         if (memchr(s, 0, l))
2585                 return false;
2586
2587         /* Check for NUL termination */
2588         if (s[l] != 0)
2589                 return false;
2590
2591         return true;
2592 }
2593
2594 static bool validate_string(const char *s, size_t l) {
2595
2596         if (!validate_nul(s, l))
2597                 return false;
2598
2599         /* Check if valid UTF8 */
2600         if (!utf8_is_valid(s))
2601                 return false;
2602
2603         return true;
2604 }
2605
2606 static bool validate_signature(const char *s, size_t l) {
2607
2608         if (!validate_nul(s, l))
2609                 return false;
2610
2611         /* Check if valid signature */
2612         if (!signature_is_valid(s, true))
2613                 return false;
2614
2615         return true;
2616 }
2617
2618 static bool validate_object_path(const char *s, size_t l) {
2619
2620         if (!validate_nul(s, l))
2621                 return false;
2622
2623         if (!object_path_is_valid(s))
2624                 return false;
2625
2626         return true;
2627 }
2628
2629 int sd_bus_message_read_basic(sd_bus_message *m, char type, void *p) {
2630         struct bus_container *c;
2631         int r;
2632         void *q;
2633
2634         if (!m)
2635                 return -EINVAL;
2636         if (!m->sealed)
2637                 return -EPERM;
2638         if (!bus_type_is_basic(type))
2639                 return -EINVAL;
2640         if (!p)
2641                 return -EINVAL;
2642
2643         c = message_get_container(m);
2644
2645         if (!c->signature || c->signature[c->index] == 0)
2646                 return 0;
2647
2648         if (c->signature[c->index] != type)
2649                 return -ENXIO;
2650
2651         switch (type) {
2652
2653         case SD_BUS_TYPE_STRING:
2654         case SD_BUS_TYPE_OBJECT_PATH: {
2655                 uint32_t l;
2656                 size_t rindex;
2657
2658                 rindex = m->rindex;
2659                 r = message_peek_body(m, &rindex, 4, 4, &q);
2660                 if (r <= 0)
2661                         return r;
2662
2663                 l = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2664                 r = message_peek_body(m, &rindex, 1, l+1, &q);
2665                 if (r < 0)
2666                         return r;
2667                 if (r == 0)
2668                         return -EBADMSG;
2669
2670                 if (type == SD_BUS_TYPE_OBJECT_PATH) {
2671                         if (!validate_object_path(q, l))
2672                                 return -EBADMSG;
2673                 } else {
2674                         if (!validate_string(q, l))
2675                                 return -EBADMSG;
2676                 }
2677
2678                 m->rindex = rindex;
2679                 *(const char**) p = q;
2680                 break;
2681         }
2682
2683         case SD_BUS_TYPE_SIGNATURE: {
2684                 uint8_t l;
2685                 size_t rindex;
2686
2687                 rindex = m->rindex;
2688                 r = message_peek_body(m, &rindex, 1, 1, &q);
2689                 if (r <= 0)
2690                         return r;
2691
2692                 l = *(uint8_t*) q;
2693                 r = message_peek_body(m, &rindex, 1, l+1, &q);
2694                 if (r < 0)
2695                         return r;
2696                 if (r == 0)
2697                         return -EBADMSG;
2698
2699                 if (!validate_signature(q, l))
2700                         return -EBADMSG;
2701
2702                 m->rindex = rindex;
2703                 *(const char**) p = q;
2704                 break;
2705         }
2706
2707         default: {
2708                 ssize_t sz, align;
2709                 size_t rindex;
2710
2711                 align = bus_type_get_alignment(type);
2712                 sz = bus_type_get_size(type);
2713                 assert(align > 0 && sz > 0);
2714
2715                 rindex = m->rindex;
2716                 r = message_peek_body(m, &rindex, align, sz, &q);
2717                 if (r <= 0)
2718                         return r;
2719
2720                 switch (type) {
2721
2722                 case SD_BUS_TYPE_BYTE:
2723                         *(uint8_t*) p = *(uint8_t*) q;
2724                         break;
2725
2726                 case SD_BUS_TYPE_BOOLEAN:
2727                         *(int*) p = !!*(uint32_t*) q;
2728                         break;
2729
2730                 case SD_BUS_TYPE_INT16:
2731                 case SD_BUS_TYPE_UINT16:
2732                         *(uint16_t*) p = BUS_MESSAGE_BSWAP16(m, *(uint16_t*) q);
2733                         break;
2734
2735                 case SD_BUS_TYPE_INT32:
2736                 case SD_BUS_TYPE_UINT32:
2737                         *(uint32_t*) p = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2738                         break;
2739
2740                 case SD_BUS_TYPE_INT64:
2741                 case SD_BUS_TYPE_UINT64:
2742                 case SD_BUS_TYPE_DOUBLE:
2743                         *(uint64_t*) p = BUS_MESSAGE_BSWAP64(m, *(uint64_t*) q);
2744                         break;
2745
2746                 case SD_BUS_TYPE_UNIX_FD: {
2747                         uint32_t j;
2748
2749                         j = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2750                         if (j >= m->n_fds)
2751                                 return -EBADMSG;
2752
2753                         *(int*) p = m->fds[j];
2754                         break;
2755                 }
2756
2757                 default:
2758                         assert_not_reached("Unknown basic type...");
2759                 }
2760
2761                 m->rindex = rindex;
2762
2763                 break;
2764         }
2765         }
2766
2767         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2768                 c->index++;
2769
2770         return 1;
2771 }
2772
2773 static int bus_message_enter_array(
2774                 sd_bus_message *m,
2775                 struct bus_container *c,
2776                 const char *contents,
2777                 uint32_t **array_size) {
2778
2779         size_t rindex;
2780         void *q;
2781         int r, alignment;
2782
2783         assert(m);
2784         assert(c);
2785         assert(contents);
2786         assert(array_size);
2787
2788         if (!signature_is_single(contents, true))
2789                 return -EINVAL;
2790
2791         alignment = bus_type_get_alignment(contents[0]);
2792         if (alignment < 0)
2793                 return alignment;
2794
2795         if (!c->signature || c->signature[c->index] == 0)
2796                 return 0;
2797
2798         if (c->signature[c->index] != SD_BUS_TYPE_ARRAY)
2799                 return -ENXIO;
2800
2801         if (!startswith(c->signature + c->index + 1, contents))
2802                 return -ENXIO;
2803
2804         rindex = m->rindex;
2805         r = message_peek_body(m, &rindex, 4, 4, &q);
2806         if (r <= 0)
2807                 return r;
2808
2809         if (BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q) > BUS_ARRAY_MAX_SIZE)
2810                 return -EBADMSG;
2811
2812         r = message_peek_body(m, &rindex, alignment, 0, NULL);
2813         if (r < 0)
2814                 return r;
2815         if (r == 0)
2816                 return -EBADMSG;
2817
2818         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2819                 c->index += 1 + strlen(contents);
2820
2821         m->rindex = rindex;
2822
2823         *array_size = (uint32_t*) q;
2824
2825         return 1;
2826 }
2827
2828 static int bus_message_enter_variant(
2829                 sd_bus_message *m,
2830                 struct bus_container *c,
2831                 const char *contents) {
2832
2833         size_t rindex;
2834         uint8_t l;
2835         void *q;
2836         int r;
2837
2838         assert(m);
2839         assert(c);
2840         assert(contents);
2841
2842         if (!signature_is_single(contents, false))
2843                 return -EINVAL;
2844
2845         if (*contents == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
2846                 return -EINVAL;
2847
2848         if (!c->signature || c->signature[c->index] == 0)
2849                 return 0;
2850
2851         if (c->signature[c->index] != SD_BUS_TYPE_VARIANT)
2852                 return -ENXIO;
2853
2854         rindex = m->rindex;
2855         r = message_peek_body(m, &rindex, 1, 1, &q);
2856         if (r <= 0)
2857                 return r;
2858
2859         l = *(uint8_t*) q;
2860         r = message_peek_body(m, &rindex, 1, l+1, &q);
2861         if (r < 0)
2862                 return r;
2863         if (r == 0)
2864                 return -EBADMSG;
2865
2866         if (!validate_signature(q, l))
2867                 return -EBADMSG;
2868
2869         if (!streq(q, contents))
2870                 return -ENXIO;
2871
2872         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2873                 c->index++;
2874
2875         m->rindex = rindex;
2876
2877         return 1;
2878 }
2879
2880 static int bus_message_enter_struct(
2881                 sd_bus_message *m,
2882                 struct bus_container *c,
2883                 const char *contents) {
2884
2885         size_t l;
2886         int r;
2887
2888         assert(m);
2889         assert(c);
2890         assert(contents);
2891
2892         if (!signature_is_valid(contents, false))
2893                 return -EINVAL;
2894
2895         if (!c->signature || c->signature[c->index] == 0)
2896                 return 0;
2897
2898         l = strlen(contents);
2899
2900         if (c->signature[c->index] != SD_BUS_TYPE_STRUCT_BEGIN ||
2901             !startswith(c->signature + c->index + 1, contents) ||
2902             c->signature[c->index + 1 + l] != SD_BUS_TYPE_STRUCT_END)
2903                 return -ENXIO;
2904
2905         r = message_peek_body(m, &m->rindex, 8, 0, NULL);
2906         if (r <= 0)
2907                 return r;
2908
2909         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2910                 c->index += 1 + l + 1;
2911
2912         return 1;
2913 }
2914
2915 static int bus_message_enter_dict_entry(
2916                 sd_bus_message *m,
2917                 struct bus_container *c,
2918                 const char *contents) {
2919
2920         size_t l;
2921         int r;
2922
2923         assert(m);
2924         assert(c);
2925         assert(contents);
2926
2927         if (!signature_is_pair(contents))
2928                 return -EINVAL;
2929
2930         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2931                 return -ENXIO;
2932
2933         if (!c->signature || c->signature[c->index] == 0)
2934                 return 0;
2935
2936         l = strlen(contents);
2937
2938         if (c->signature[c->index] != SD_BUS_TYPE_DICT_ENTRY_BEGIN ||
2939             !startswith(c->signature + c->index + 1, contents) ||
2940             c->signature[c->index + 1 + l] != SD_BUS_TYPE_DICT_ENTRY_END)
2941                 return -ENXIO;
2942
2943         r = message_peek_body(m, &m->rindex, 8, 0, NULL);
2944         if (r <= 0)
2945                 return r;
2946
2947         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2948                 c->index += 1 + l + 1;
2949
2950         return 1;
2951 }
2952
2953 int sd_bus_message_enter_container(sd_bus_message *m, char type, const char *contents) {
2954         struct bus_container *c, *w;
2955         uint32_t *array_size = NULL;
2956         char *signature;
2957         size_t before;
2958         int r;
2959
2960         if (!m)
2961                 return -EINVAL;
2962         if (!m->sealed)
2963                 return -EPERM;
2964         if (!contents)
2965                 return -EINVAL;
2966
2967         /*
2968          * We enforce a global limit on container depth, that is much
2969          * higher than the 32 structs and 32 arrays the specification
2970          * mandates. This is simpler to implement for us, and we need
2971          * this only to ensure our container array doesn't grow
2972          * without bounds. We are happy to return any data from a
2973          * message as long as the data itself is valid, even if the
2974          * overall message might be not.
2975          *
2976          * Note that the message signature is validated when
2977          * parsing the headers, and that validation does check the
2978          * 32/32 limit.
2979          *
2980          * Note that the specification defines no limits on the depth
2981          * of stacked variants, but we do.
2982          */
2983         if (m->n_containers >= BUS_CONTAINER_DEPTH)
2984                 return -EBADMSG;
2985
2986         w = realloc(m->containers, sizeof(struct bus_container) * (m->n_containers + 1));
2987         if (!w)
2988                 return -ENOMEM;
2989         m->containers = w;
2990
2991         c = message_get_container(m);
2992
2993         if (!c->signature || c->signature[c->index] == 0)
2994                 return 0;
2995
2996         signature = strdup(contents);
2997         if (!signature)
2998                 return -ENOMEM;
2999
3000         c->saved_index = c->index;
3001         before = m->rindex;
3002
3003         if (type == SD_BUS_TYPE_ARRAY)
3004                 r = bus_message_enter_array(m, c, contents, &array_size);
3005         else if (type == SD_BUS_TYPE_VARIANT)
3006                 r = bus_message_enter_variant(m, c, contents);
3007         else if (type == SD_BUS_TYPE_STRUCT)
3008                 r = bus_message_enter_struct(m, c, contents);
3009         else if (type == SD_BUS_TYPE_DICT_ENTRY)
3010                 r = bus_message_enter_dict_entry(m, c, contents);
3011         else
3012                 r = -EINVAL;
3013
3014         if (r <= 0) {
3015                 free(signature);
3016                 return r;
3017         }
3018
3019         /* OK, let's fill it in */
3020         w += m->n_containers++;
3021         w->enclosing = type;
3022         w->signature = signature;
3023         w->index = 0;
3024         w->array_size = array_size;
3025         w->before = before;
3026         w->begin = m->rindex;
3027
3028         return 1;
3029 }
3030
3031 int sd_bus_message_exit_container(sd_bus_message *m) {
3032         struct bus_container *c;
3033
3034         if (!m)
3035                 return -EINVAL;
3036         if (!m->sealed)
3037                 return -EPERM;
3038         if (m->n_containers <= 0)
3039                 return -EINVAL;
3040
3041         c = message_get_container(m);
3042         if (c->enclosing == SD_BUS_TYPE_ARRAY) {
3043                 uint32_t l;
3044
3045                 l = BUS_MESSAGE_BSWAP32(m, *c->array_size);
3046                 if (c->begin + l != m->rindex)
3047                         return -EBUSY;
3048
3049         } else {
3050                 if (c->signature && c->signature[c->index] != 0)
3051                         return -EINVAL;
3052         }
3053
3054         free(c->signature);
3055         m->n_containers--;
3056
3057         return 1;
3058 }
3059
3060 static void message_quit_container(sd_bus_message *m) {
3061         struct bus_container *c;
3062
3063         assert(m);
3064         assert(m->sealed);
3065         assert(m->n_containers > 0);
3066
3067         c = message_get_container(m);
3068
3069         /* Undo seeks */
3070         assert(m->rindex >= c->before);
3071         m->rindex = c->before;
3072
3073         /* Free container */
3074         free(c->signature);
3075         m->n_containers--;
3076
3077         /* Correct index of new top-level container */
3078         c = message_get_container(m);
3079         c->index = c->saved_index;
3080 }
3081
3082 int sd_bus_message_peek_type(sd_bus_message *m, char *type, const char **contents) {
3083         struct bus_container *c;
3084         int r;
3085
3086         if (!m)
3087                 return -EINVAL;
3088         if (!m->sealed)
3089                 return -EPERM;
3090
3091         c = message_get_container(m);
3092
3093         if (!c->signature || c->signature[c->index] == 0)
3094                 goto eof;
3095
3096         if (message_end_of_array(m, m->rindex))
3097                 goto eof;
3098
3099         if (bus_type_is_basic(c->signature[c->index])) {
3100                 if (contents)
3101                         *contents = NULL;
3102                 if (type)
3103                         *type = c->signature[c->index];
3104                 return 1;
3105         }
3106
3107         if (c->signature[c->index] == SD_BUS_TYPE_ARRAY) {
3108
3109                 if (contents) {
3110                         size_t l;
3111                         char *sig;
3112
3113                         r = signature_element_length(c->signature+c->index+1, &l);
3114                         if (r < 0)
3115                                 return r;
3116
3117                         assert(l >= 1);
3118
3119                         sig = strndup(c->signature + c->index + 1, l);
3120                         if (!sig)
3121                                 return -ENOMEM;
3122
3123                         free(m->peeked_signature);
3124                         m->peeked_signature = sig;
3125
3126                         *contents = sig;
3127                 }
3128
3129                 if (type)
3130                         *type = SD_BUS_TYPE_ARRAY;
3131
3132                 return 1;
3133         }
3134
3135         if (c->signature[c->index] == SD_BUS_TYPE_STRUCT_BEGIN ||
3136             c->signature[c->index] == SD_BUS_TYPE_DICT_ENTRY_BEGIN) {
3137
3138                 if (contents) {
3139                         size_t l;
3140                         char *sig;
3141
3142                         r = signature_element_length(c->signature+c->index, &l);
3143                         if (r < 0)
3144                                 return r;
3145
3146                         assert(l >= 2);
3147                         sig = strndup(c->signature + c->index + 1, l - 2);
3148                         if (!sig)
3149                                 return -ENOMEM;
3150
3151                         free(m->peeked_signature);
3152                         m->peeked_signature = sig;
3153
3154                         *contents = sig;
3155                 }
3156
3157                 if (type)
3158                         *type = c->signature[c->index] == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY;
3159
3160                 return 1;
3161         }
3162
3163         if (c->signature[c->index] == SD_BUS_TYPE_VARIANT) {
3164                 if (contents) {
3165                         size_t rindex, l;
3166                         void *q;
3167
3168                         rindex = m->rindex;
3169                         r = message_peek_body(m, &rindex, 1, 1, &q);
3170                         if (r < 0)
3171                                 return r;
3172                         if (r == 0)
3173                                 goto eof;
3174
3175                         l = *(uint8_t*) q;
3176                         r = message_peek_body(m, &rindex, 1, l+1, &q);
3177                         if (r < 0)
3178                                 return r;
3179                         if (r == 0)
3180                                 return -EBADMSG;
3181
3182                         if (!validate_signature(q, l))
3183                                 return -EBADMSG;
3184
3185                         *contents = q;
3186                 }
3187
3188                 if (type)
3189                         *type = SD_BUS_TYPE_VARIANT;
3190
3191                 return 1;
3192         }
3193
3194         return -EINVAL;
3195
3196 eof:
3197         if (type)
3198                 *type = c->enclosing;
3199         if (contents)
3200                 *contents = NULL;
3201         return 0;
3202 }
3203
3204 int sd_bus_message_rewind(sd_bus_message *m, int complete) {
3205         struct bus_container *c;
3206
3207         if (!m)
3208                 return -EINVAL;
3209         if (!m->sealed)
3210                 return -EPERM;
3211
3212         if (complete) {
3213                 message_reset_containers(m);
3214                 m->rindex = 0;
3215                 m->root_container.index = 0;
3216
3217                 c = message_get_container(m);
3218         } else {
3219                 c = message_get_container(m);
3220
3221                 c->index = 0;
3222                 m->rindex = c->begin;
3223         }
3224
3225         return !isempty(c->signature);
3226 }
3227 static int message_read_ap(
3228                 sd_bus_message *m,
3229                 const char *types,
3230                 va_list ap) {
3231
3232         unsigned n_array, n_struct;
3233         TypeStack stack[BUS_CONTAINER_DEPTH];
3234         unsigned stack_ptr = 0;
3235         int r;
3236
3237         assert(m);
3238
3239         if (!types)
3240                 return 0;
3241
3242         /* Ideally, we'd just call ourselves recursively on every
3243          * complex type. However, the state of a va_list that is
3244          * passed to a function is undefined after that function
3245          * returns. This means we need to docode the va_list linearly
3246          * in a single stackframe. We hence implement our own
3247          * home-grown stack in an array. */
3248
3249         n_array = (unsigned) -1;
3250         n_struct = strlen(types);
3251
3252         for (;;) {
3253                 const char *t;
3254
3255                 if (n_array == 0 || (n_array == (unsigned) -1 && n_struct == 0)) {
3256                         r = type_stack_pop(stack, ELEMENTSOF(stack), &stack_ptr, &types, &n_struct, &n_array);
3257                         if (r < 0)
3258                                 return r;
3259                         if (r == 0)
3260                                 break;
3261
3262                         r = sd_bus_message_exit_container(m);
3263                         if (r < 0)
3264                                 return r;
3265
3266                         continue;
3267                 }
3268
3269                 t = types;
3270                 if (n_array != (unsigned) -1)
3271                         n_array --;
3272                 else {
3273                         types ++;
3274                         n_struct--;
3275                 }
3276
3277                 switch (*t) {
3278
3279                 case SD_BUS_TYPE_BYTE:
3280                 case SD_BUS_TYPE_BOOLEAN:
3281                 case SD_BUS_TYPE_INT16:
3282                 case SD_BUS_TYPE_UINT16:
3283                 case SD_BUS_TYPE_INT32:
3284                 case SD_BUS_TYPE_UINT32:
3285                 case SD_BUS_TYPE_INT64:
3286                 case SD_BUS_TYPE_UINT64:
3287                 case SD_BUS_TYPE_DOUBLE:
3288                 case SD_BUS_TYPE_STRING:
3289                 case SD_BUS_TYPE_OBJECT_PATH:
3290                 case SD_BUS_TYPE_SIGNATURE:
3291                 case SD_BUS_TYPE_UNIX_FD: {
3292                         void *p;
3293
3294                         p = va_arg(ap, void*);
3295                         r = sd_bus_message_read_basic(m, *t, p);
3296                         if (r < 0)
3297                                 return r;
3298                         if (r == 0)
3299                                 return -ENXIO;
3300
3301                         break;
3302                 }
3303
3304                 case SD_BUS_TYPE_ARRAY: {
3305                         size_t k;
3306
3307                         r = signature_element_length(t + 1, &k);
3308                         if (r < 0)
3309                                 return r;
3310
3311                         {
3312                                 char s[k + 1];
3313                                 memcpy(s, t + 1, k);
3314                                 s[k] = 0;
3315
3316                                 r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, s);
3317                                 if (r < 0)
3318                                         return r;
3319                                 if (r == 0)
3320                                         return -ENXIO;
3321                         }
3322
3323                         if (n_array == (unsigned) -1) {
3324                                 types += k;
3325                                 n_struct -= k;
3326                         }
3327
3328                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
3329                         if (r < 0)
3330                                 return r;
3331
3332                         types = t + 1;
3333                         n_struct = k;
3334                         n_array = va_arg(ap, unsigned);
3335
3336                         break;
3337                 }
3338
3339                 case SD_BUS_TYPE_VARIANT: {
3340                         const char *s;
3341
3342                         s = va_arg(ap, const char *);
3343                         if (!s)
3344                                 return -EINVAL;
3345
3346                         r = sd_bus_message_enter_container(m, SD_BUS_TYPE_VARIANT, s);
3347                         if (r < 0)
3348                                 return r;
3349                         if (r == 0)
3350                                 return -ENXIO;
3351
3352                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
3353                         if (r < 0)
3354                                 return r;
3355
3356                         types = s;
3357                         n_struct = strlen(s);
3358                         n_array = (unsigned) -1;
3359
3360                         break;
3361                 }
3362
3363                 case SD_BUS_TYPE_STRUCT_BEGIN:
3364                 case SD_BUS_TYPE_DICT_ENTRY_BEGIN: {
3365                         size_t k;
3366
3367                         r = signature_element_length(t, &k);
3368                         if (r < 0)
3369                                 return r;
3370
3371                         {
3372                                 char s[k - 1];
3373                                 memcpy(s, t + 1, k - 2);
3374                                 s[k - 2] = 0;
3375
3376                                 r = sd_bus_message_enter_container(m, *t == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY, s);
3377                                 if (r < 0)
3378                                         return r;
3379                                 if (r == 0)
3380                                         return -ENXIO;
3381                         }
3382
3383                         if (n_array == (unsigned) -1) {
3384                                 types += k - 1;
3385                                 n_struct -= k - 1;
3386                         }
3387
3388                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
3389                         if (r < 0)
3390                                 return r;
3391
3392                         types = t + 1;
3393                         n_struct = k - 2;
3394                         n_array = (unsigned) -1;
3395
3396                         break;
3397                 }
3398
3399                 default:
3400                         return -EINVAL;
3401                 }
3402         }
3403
3404         return 1;
3405 }
3406
3407 int sd_bus_message_read(sd_bus_message *m, const char *types, ...) {
3408         va_list ap;
3409         int r;
3410
3411         if (!m)
3412                 return -EINVAL;
3413         if (!m->sealed)
3414                 return -EPERM;
3415         if (!types)
3416                 return -EINVAL;
3417
3418         va_start(ap, types);
3419         r = message_read_ap(m, types, ap);
3420         va_end(ap);
3421
3422         return r;
3423 }
3424
3425 int sd_bus_message_read_array(sd_bus_message *m, char type, const void **ptr, size_t *size) {
3426         struct bus_container *c;
3427         void *p;
3428         size_t sz;
3429         ssize_t align;
3430         int r;
3431
3432         if (!m)
3433                 return -EINVAL;
3434         if (!m->sealed)
3435                 return -EPERM;
3436         if (!bus_type_is_trivial(type))
3437                 return -EINVAL;
3438         if (!ptr)
3439                 return -EINVAL;
3440         if (!size)
3441                 return -EINVAL;
3442         if (BUS_MESSAGE_NEED_BSWAP(m))
3443                 return -ENOTSUP;
3444
3445         align = bus_type_get_alignment(type);
3446         if (align < 0)
3447                 return align;
3448
3449         r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
3450         if (r <= 0)
3451                 return r;
3452
3453         c = message_get_container(m);
3454         sz = BUS_MESSAGE_BSWAP32(m, *c->array_size);
3455
3456         r = message_peek_body(m, &m->rindex, align, sz, &p);
3457         if (r < 0)
3458                 goto fail;
3459         if (r == 0) {
3460                 r = -EBADMSG;
3461                 goto fail;
3462         }
3463
3464         r = sd_bus_message_exit_container(m);
3465         if (r < 0)
3466                 goto fail;
3467
3468         *ptr = (const void*) p;
3469         *size = sz;
3470
3471         return 1;
3472
3473 fail:
3474         message_quit_container(m);
3475         return r;
3476 }
3477
3478 static int message_peek_fields(
3479                 sd_bus_message *m,
3480                 size_t *rindex,
3481                 size_t align,
3482                 size_t nbytes,
3483                 void **ret) {
3484
3485         assert(m);
3486         assert(rindex);
3487         assert(align > 0);
3488
3489         return buffer_peek(BUS_MESSAGE_FIELDS(m), BUS_MESSAGE_FIELDS_SIZE(m), rindex, align, nbytes, ret);
3490 }
3491
3492 static int message_peek_field_uint32(
3493                 sd_bus_message *m,
3494                 size_t *ri,
3495                 uint32_t *ret) {
3496
3497         int r;
3498         void *q;
3499
3500         assert(m);
3501         assert(ri);
3502
3503         r = message_peek_fields(m, ri, 4, 4, &q);
3504         if (r < 0)
3505                 return r;
3506
3507         if (ret)
3508                 *ret = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
3509
3510         return 0;
3511 }
3512
3513 static int message_peek_field_string(
3514                 sd_bus_message *m,
3515                 bool (*validate)(const char *p),
3516                 size_t *ri,
3517                 const char **ret) {
3518
3519         uint32_t l;
3520         int r;
3521         void *q;
3522
3523         assert(m);
3524         assert(ri);
3525
3526         r = message_peek_field_uint32(m, ri, &l);
3527         if (r < 0)
3528                 return r;
3529
3530         r = message_peek_fields(m, ri, 1, l+1, &q);
3531         if (r < 0)
3532                 return r;
3533
3534         if (validate) {
3535                 if (!validate_nul(q, l))
3536                         return -EBADMSG;
3537
3538                 if (!validate(q))
3539                         return -EBADMSG;
3540         } else {
3541                 if (!validate_string(q, l))
3542                         return -EBADMSG;
3543         }
3544
3545         if (ret)
3546                 *ret = q;
3547
3548         return 0;
3549 }
3550
3551 static int message_peek_field_signature(
3552                 sd_bus_message *m,
3553                 size_t *ri,
3554                 const char **ret) {
3555
3556         size_t l;
3557         int r;
3558         void *q;
3559
3560         assert(m);
3561         assert(ri);
3562
3563         r = message_peek_fields(m, ri, 1, 1, &q);
3564         if (r < 0)
3565                 return r;
3566
3567         l = *(uint8_t*) q;
3568         r = message_peek_fields(m, ri, 1, l+1, &q);
3569         if (r < 0)
3570                 return r;
3571
3572         if (!validate_signature(q, l))
3573                 return -EBADMSG;
3574
3575         if (ret)
3576                 *ret = q;
3577
3578         return 0;
3579 }
3580
3581 static int message_skip_fields(
3582                 sd_bus_message *m,
3583                 size_t *ri,
3584                 uint32_t array_size,
3585                 const char **signature) {
3586
3587         size_t original_index;
3588         int r;
3589
3590         assert(m);
3591         assert(ri);
3592         assert(signature);
3593
3594         original_index = *ri;
3595
3596         for (;;) {
3597                 char t;
3598                 size_t l;
3599
3600                 if (array_size != (uint32_t) -1 &&
3601                     array_size <= *ri - original_index)
3602                         return 0;
3603
3604                 t = **signature;
3605                 if (!t)
3606                         return 0;
3607
3608                 if (t == SD_BUS_TYPE_STRING) {
3609
3610                         r = message_peek_field_string(m, NULL, ri, NULL);
3611                         if (r < 0)
3612                                 return r;
3613
3614                         (*signature)++;
3615
3616                 } else if (t == SD_BUS_TYPE_OBJECT_PATH) {
3617
3618                         r = message_peek_field_string(m, object_path_is_valid, ri, NULL);
3619                         if (r < 0)
3620                                 return r;
3621
3622                         (*signature)++;
3623
3624                 } else if (t == SD_BUS_TYPE_SIGNATURE) {
3625
3626                         r = message_peek_field_signature(m, ri, NULL);
3627                         if (r < 0)
3628                                 return r;
3629
3630                         (*signature)++;
3631
3632                 } else if (bus_type_is_basic(t)) {
3633                         ssize_t align, k;
3634
3635                         align = bus_type_get_alignment(t);
3636                         k = bus_type_get_size(t);
3637                         assert(align > 0 && k > 0);
3638
3639                         r = message_peek_fields(m, ri, align, k, NULL);
3640                         if (r < 0)
3641                                 return r;
3642
3643                         (*signature)++;
3644
3645                 } else if (t == SD_BUS_TYPE_ARRAY) {
3646
3647                         r = signature_element_length(*signature+1, &l);
3648                         if (r < 0)
3649                                 return r;
3650
3651                         assert(l >= 1);
3652                         {
3653                                 char sig[l-1], *s;
3654                                 uint32_t nas;
3655                                 int alignment;
3656
3657                                 strncpy(sig, *signature + 1, l-1);
3658                                 s = sig;
3659
3660                                 alignment = bus_type_get_alignment(sig[0]);
3661                                 if (alignment < 0)
3662                                         return alignment;
3663
3664                                 r = message_peek_field_uint32(m, ri, &nas);
3665                                 if (r < 0)
3666                                         return r;
3667                                 if (nas > BUS_ARRAY_MAX_SIZE)
3668                                         return -EBADMSG;
3669
3670                                 r = message_peek_fields(m, ri, alignment, 0, NULL);
3671                                 if (r < 0)
3672                                         return r;
3673
3674                                 r = message_skip_fields(m, ri, nas, (const char**) &s);
3675                                 if (r < 0)
3676                                         return r;
3677                         }
3678
3679                         (*signature) += 1 + l;
3680
3681                 } else if (t == SD_BUS_TYPE_VARIANT) {
3682                         const char *s;
3683
3684                         r = message_peek_field_signature(m, ri, &s);
3685                         if (r < 0)
3686                                 return r;
3687
3688                         r = message_skip_fields(m, ri, (uint32_t) -1, (const char**) &s);
3689                         if (r < 0)
3690                                 return r;
3691
3692                         (*signature)++;
3693
3694                 } else if (t == SD_BUS_TYPE_STRUCT ||
3695                            t == SD_BUS_TYPE_DICT_ENTRY) {
3696
3697                         r = signature_element_length(*signature, &l);
3698                         if (r < 0)
3699                                 return r;
3700
3701                         assert(l >= 2);
3702                         {
3703                                 char sig[l-1], *s;
3704                                 strncpy(sig, *signature + 1, l-1);
3705                                 s = sig;
3706
3707                                 r = message_skip_fields(m, ri, (uint32_t) -1, (const char**) &s);
3708                                 if (r < 0)
3709                                         return r;
3710                         }
3711
3712                         *signature += l;
3713                 } else
3714                         return -EINVAL;
3715         }
3716 }
3717
3718 int bus_message_parse_fields(sd_bus_message *m) {
3719         size_t ri;
3720         int r;
3721         uint32_t unix_fds = 0;
3722
3723         assert(m);
3724
3725         for (ri = 0; ri < BUS_MESSAGE_FIELDS_SIZE(m); ) {
3726                 const char *signature;
3727                 uint8_t *header;
3728
3729                 r = message_peek_fields(m, &ri, 8, 1, (void**) &header);
3730                 if (r < 0)
3731                         return r;
3732
3733                 r = message_peek_field_signature(m, &ri, &signature);
3734                 if (r < 0)
3735                         return r;
3736
3737                 switch (*header) {
3738                 case _SD_BUS_MESSAGE_HEADER_INVALID:
3739                         return -EBADMSG;
3740
3741                 case SD_BUS_MESSAGE_HEADER_PATH:
3742
3743                         if (m->path)
3744                                 return -EBADMSG;
3745
3746                         if (!streq(signature, "o"))
3747                                 return -EBADMSG;
3748
3749                         r = message_peek_field_string(m, object_path_is_valid, &ri, &m->path);
3750                         break;
3751
3752                 case SD_BUS_MESSAGE_HEADER_INTERFACE:
3753
3754                         if (m->interface)
3755                                 return -EBADMSG;
3756
3757                         if (!streq(signature, "s"))