chiark / gitweb /
bus: update for kdbus changes
[elogind.git] / src / libsystemd-bus / bus-message.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4   This file is part of systemd.
5
6   Copyright 2013 Lennart Poettering
7
8   systemd is free software; you can redistribute it and/or modify it
9   under the terms of the GNU Lesser General Public License as published by
10   the Free Software Foundation; either version 2.1 of the License, or
11   (at your option) any later version.
12
13   systemd is distributed in the hope that it will be useful, but
14   WITHOUT ANY WARRANTY; without even the implied warranty of
15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16   Lesser General Public License for more details.
17
18   You should have received a copy of the GNU Lesser General Public License
19   along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <sys/mman.h>
25
26 #include "util.h"
27 #include "utf8.h"
28 #include "strv.h"
29 #include "time-util.h"
30 #include "cgroup-util.h"
31
32 #include "sd-bus.h"
33 #include "bus-message.h"
34 #include "bus-internal.h"
35 #include "bus-type.h"
36 #include "bus-signature.h"
37
38 static int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored);
39
40 static void *adjust_pointer(const void *p, void *old_base, size_t sz, void *new_base) {
41
42         if (p == NULL)
43                 return NULL;
44
45         if (old_base == new_base)
46                 return (void*) p;
47
48         if ((uint8_t*) p < (uint8_t*) old_base)
49                 return (void*) p;
50
51         if ((uint8_t*) p >= (uint8_t*) old_base + sz)
52                 return (void*) p;
53
54         return (uint8_t*) new_base + ((uint8_t*) p - (uint8_t*) old_base);
55 }
56
57 static void message_free_part(sd_bus_message *m, struct bus_body_part *part) {
58         assert(m);
59         assert(part);
60
61         if (part->memfd >= 0) {
62                 /* If we can reuse the memfd, try that. For that it
63                  * can't be sealed yet. */
64
65                 if (!part->sealed)
66                         bus_kernel_push_memfd(m->bus, part->memfd, part->data, part->mapped);
67                 else {
68                         if (part->mapped > 0)
69                                 assert_se(munmap(part->data, part->mapped) == 0);
70
71                         close_nointr_nofail(part->memfd);
72                 }
73
74         } else if (part->munmap_this)
75                 munmap(part->data, part->mapped);
76         else if (part->free_this)
77                 free(part->data);
78
79         if (part != &m->body)
80                 free(part);
81 }
82
83 static void message_reset_parts(sd_bus_message *m) {
84         struct bus_body_part *part;
85
86         assert(m);
87
88         part = &m->body;
89         while (m->n_body_parts > 0) {
90                 struct bus_body_part *next = part->next;
91                 message_free_part(m, part);
92                 part = next;
93                 m->n_body_parts--;
94         }
95
96         m->body_end = NULL;
97
98         m->cached_rindex_part = NULL;
99         m->cached_rindex_part_begin = 0;
100 }
101
102 static void message_reset_containers(sd_bus_message *m) {
103         unsigned i;
104
105         assert(m);
106
107         for (i = 0; i < m->n_containers; i++)
108                 free(m->containers[i].signature);
109
110         free(m->containers);
111         m->containers = NULL;
112
113         m->n_containers = 0;
114         m->root_container.index = 0;
115 }
116
117 static void message_free(sd_bus_message *m) {
118         assert(m);
119
120         if (m->free_header)
121                 free(m->header);
122
123         message_reset_parts(m);
124
125         if (m->free_kdbus)
126                 free(m->kdbus);
127
128         if (m->release_kdbus) {
129                 uint64_t off;
130
131                 off = (uint8_t *)m->kdbus - (uint8_t *)m->bus->kdbus_buffer;
132                 ioctl(m->bus->input_fd, KDBUS_CMD_MSG_RELEASE, &off);
133         }
134
135         if (m->bus)
136                 sd_bus_unref(m->bus);
137
138         if (m->free_fds) {
139                 close_many(m->fds, m->n_fds);
140                 free(m->fds);
141         }
142
143         if (m->iovec != m->iovec_fixed)
144                 free(m->iovec);
145
146         free(m->cmdline_array);
147
148         message_reset_containers(m);
149         free(m->root_container.signature);
150
151         free(m->peeked_signature);
152
153         free(m->unit);
154         free(m->user_unit);
155         free(m->session);
156         free(m);
157 }
158
159 static void *message_extend_fields(sd_bus_message *m, size_t align, size_t sz) {
160         void *op, *np;
161         size_t old_size, new_size, start;
162
163         assert(m);
164
165         if (m->poisoned)
166                 return NULL;
167
168         old_size = sizeof(struct bus_header) + m->header->fields_size;
169         start = ALIGN_TO(old_size, align);
170         new_size = start + sz;
171
172         if (old_size == new_size)
173                 return (uint8_t*) m->header + old_size;
174
175         if (new_size > (size_t) ((uint32_t) -1))
176                 goto poison;
177
178         if (m->free_header) {
179                 np = realloc(m->header, ALIGN8(new_size));
180                 if (!np)
181                         goto poison;
182         } else {
183                 /* Initially, the header is allocated as part of of
184                  * the sd_bus_message itself, let's replace it by
185                  * dynamic data */
186
187                 np = malloc(ALIGN8(new_size));
188                 if (!np)
189                         goto poison;
190
191                 memcpy(np, m->header, sizeof(struct bus_header));
192         }
193
194         /* Zero out padding */
195         if (start > old_size)
196                 memset((uint8_t*) np + old_size, 0, start - old_size);
197
198         op = m->header;
199         m->header = np;
200         m->header->fields_size = new_size - sizeof(struct bus_header);
201
202         /* Adjust quick access pointers */
203         m->path = adjust_pointer(m->path, op, old_size, m->header);
204         m->interface = adjust_pointer(m->interface, op, old_size, m->header);
205         m->member = adjust_pointer(m->member, op, old_size, m->header);
206         m->destination = adjust_pointer(m->destination, op, old_size, m->header);
207         m->sender = adjust_pointer(m->sender, op, old_size, m->header);
208         m->error.name = adjust_pointer(m->error.name, op, old_size, m->header);
209
210         m->free_header = true;
211
212         return (uint8_t*) np + start;
213
214 poison:
215         m->poisoned = true;
216         return NULL;
217 }
218
219 static int message_append_field_string(
220                 sd_bus_message *m,
221                 uint8_t h,
222                 char type,
223                 const char *s,
224                 const char **ret) {
225
226         size_t l;
227         uint8_t *p;
228
229         assert(m);
230
231         l = strlen(s);
232         if (l > (size_t) (uint32_t) -1)
233                 return -EINVAL;
234
235         /* field id byte + signature length + signature 's' + NUL + string length + string + NUL */
236         p = message_extend_fields(m, 8, 4 + 4 + l + 1);
237         if (!p)
238                 return -ENOMEM;
239
240         p[0] = h;
241         p[1] = 1;
242         p[2] = type;
243         p[3] = 0;
244
245         ((uint32_t*) p)[1] = l;
246         memcpy(p + 8, s, l + 1);
247
248         if (ret)
249                 *ret = (char*) p + 8;
250
251         return 0;
252 }
253
254 static int message_append_field_signature(
255                 sd_bus_message *m,
256                 uint8_t h,
257                 const char *s,
258                 const char **ret) {
259
260         size_t l;
261         uint8_t *p;
262
263         assert(m);
264
265         l = strlen(s);
266         if (l > 255)
267                 return -EINVAL;
268
269         /* field id byte + signature length + signature 'g' + NUL + string length + string + NUL */
270         p = message_extend_fields(m, 8, 4 + 1 + l + 1);
271         if (!p)
272                 return -ENOMEM;
273
274         p[0] = h;
275         p[1] = 1;
276         p[2] = SD_BUS_TYPE_SIGNATURE;
277         p[3] = 0;
278         p[4] = l;
279         memcpy(p + 5, s, l + 1);
280
281         if (ret)
282                 *ret = (const char*) p + 5;
283
284         return 0;
285 }
286
287 static int message_append_field_uint32(sd_bus_message *m, uint8_t h, uint32_t x) {
288         uint8_t *p;
289
290         assert(m);
291
292         /* field id byte + signature length + signature 'u' + NUL + value */
293         p = message_extend_fields(m, 8, 4 + 4);
294         if (!p)
295                 return -ENOMEM;
296
297         p[0] = h;
298         p[1] = 1;
299         p[2] = SD_BUS_TYPE_UINT32;
300         p[3] = 0;
301
302         ((uint32_t*) p)[1] = x;
303
304         return 0;
305 }
306
307 int bus_message_from_header(
308                 void *buffer,
309                 size_t length,
310                 int *fds,
311                 unsigned n_fds,
312                 const struct ucred *ucred,
313                 const char *label,
314                 size_t extra,
315                 sd_bus_message **ret) {
316
317         sd_bus_message *m;
318         struct bus_header *h;
319         size_t a, label_sz;
320
321         assert(buffer || length <= 0);
322         assert(fds || n_fds <= 0);
323         assert(ret);
324
325         if (length < sizeof(struct bus_header))
326                 return -EBADMSG;
327
328         h = buffer;
329         if (h->version != 1)
330                 return -EBADMSG;
331
332         if (h->serial == 0)
333                 return -EBADMSG;
334
335         if (h->type == _SD_BUS_MESSAGE_TYPE_INVALID)
336                 return -EBADMSG;
337
338         if (h->endian != SD_BUS_LITTLE_ENDIAN &&
339             h->endian != SD_BUS_BIG_ENDIAN)
340                 return -EBADMSG;
341
342         a = ALIGN(sizeof(sd_bus_message)) + ALIGN(extra);
343
344         if (label) {
345                 label_sz = strlen(label);
346                 a += label_sz + 1;
347         }
348
349         m = malloc0(a);
350         if (!m)
351                 return -ENOMEM;
352
353         m->n_ref = 1;
354         m->sealed = true;
355         m->header = h;
356         m->fds = fds;
357         m->n_fds = n_fds;
358
359         if (ucred) {
360                 m->uid = ucred->uid;
361                 m->pid = ucred->pid;
362                 m->gid = ucred->gid;
363                 m->uid_valid = m->gid_valid = true;
364         }
365
366         if (label) {
367                 m->label = (char*) m + ALIGN(sizeof(sd_bus_message)) + ALIGN(extra);
368                 memcpy(m->label, label, label_sz + 1);
369         }
370
371         *ret = m;
372         return 0;
373 }
374
375 int bus_message_from_malloc(
376                 void *buffer,
377                 size_t length,
378                 int *fds,
379                 unsigned n_fds,
380                 const struct ucred *ucred,
381                 const char *label,
382                 sd_bus_message **ret) {
383
384         sd_bus_message *m;
385         int r;
386
387         r = bus_message_from_header(buffer, length, fds, n_fds, ucred, label, 0, &m);
388         if (r < 0)
389                 return r;
390
391         if (length != BUS_MESSAGE_SIZE(m)) {
392                 r = -EBADMSG;
393                 goto fail;
394         }
395
396         m->n_body_parts = 1;
397         m->body.data = (uint8_t*) buffer + sizeof(struct bus_header) + ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m));
398         m->body.size = length - sizeof(struct bus_header) - ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m));
399         m->body.sealed = true;
400         m->body.memfd = -1;
401
402         m->n_iovec = 1;
403         m->iovec = m->iovec_fixed;
404         m->iovec[0].iov_base = buffer;
405         m->iovec[0].iov_len = length;
406
407         r = bus_message_parse_fields(m);
408         if (r < 0)
409                 goto fail;
410
411         /* We take possession of the memory and fds now */
412         m->free_header = true;
413         m->free_fds = true;
414
415         *ret = m;
416         return 0;
417
418 fail:
419         message_free(m);
420         return r;
421 }
422
423 static sd_bus_message *message_new(sd_bus *bus, uint8_t type) {
424         sd_bus_message *m;
425
426         m = malloc0(ALIGN(sizeof(sd_bus_message)) + sizeof(struct bus_header));
427         if (!m)
428                 return NULL;
429
430         m->n_ref = 1;
431         m->header = (struct bus_header*) ((uint8_t*) m + ALIGN(sizeof(struct sd_bus_message)));
432         m->header->endian = SD_BUS_NATIVE_ENDIAN;
433         m->header->type = type;
434         m->header->version = bus ? bus->message_version : 1;
435         m->allow_fds = !bus || bus->can_fds || (bus->state != BUS_HELLO && bus->state != BUS_RUNNING);
436
437         if (bus)
438                 m->bus = sd_bus_ref(bus);
439
440         return m;
441 }
442
443 int sd_bus_message_new_signal(
444                 sd_bus *bus,
445                 const char *path,
446                 const char *interface,
447                 const char *member,
448                 sd_bus_message **m) {
449
450         sd_bus_message *t;
451         int r;
452
453         if (!path)
454                 return -EINVAL;
455         if (!interface)
456                 return -EINVAL;
457         if (!member)
458                 return -EINVAL;
459         if (!m)
460                 return -EINVAL;
461         if (bus && bus->state == BUS_UNSET)
462                 return -ENOTCONN;
463
464         t = message_new(bus, SD_BUS_MESSAGE_TYPE_SIGNAL);
465         if (!t)
466                 return -ENOMEM;
467
468         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
469
470         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_PATH, SD_BUS_TYPE_OBJECT_PATH, path, &t->path);
471         if (r < 0)
472                 goto fail;
473         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_INTERFACE, SD_BUS_TYPE_STRING, interface, &t->interface);
474         if (r < 0)
475                 goto fail;
476         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_MEMBER, SD_BUS_TYPE_STRING, member, &t->member);
477         if (r < 0)
478                 goto fail;
479
480         *m = t;
481         return 0;
482
483 fail:
484         sd_bus_message_unref(t);
485         return r;
486 }
487
488 int sd_bus_message_new_method_call(
489                 sd_bus *bus,
490                 const char *destination,
491                 const char *path,
492                 const char *interface,
493                 const char *member,
494                 sd_bus_message **m) {
495
496         sd_bus_message *t;
497         int r;
498
499         if (!path)
500                 return -EINVAL;
501         if (!member)
502                 return -EINVAL;
503         if (!m)
504                 return -EINVAL;
505         if (bus && bus->state == BUS_UNSET)
506                 return -ENOTCONN;
507
508         t = message_new(bus, SD_BUS_MESSAGE_TYPE_METHOD_CALL);
509         if (!t)
510                 return -ENOMEM;
511
512         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_PATH, SD_BUS_TYPE_OBJECT_PATH, path, &t->path);
513         if (r < 0)
514                 goto fail;
515         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_MEMBER, SD_BUS_TYPE_STRING, member, &t->member);
516         if (r < 0)
517                 goto fail;
518
519         if (interface) {
520                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_INTERFACE, SD_BUS_TYPE_STRING, interface, &t->interface);
521                 if (r < 0)
522                         goto fail;
523         }
524
525         if (destination) {
526                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, destination, &t->destination);
527                 if (r < 0)
528                         goto fail;
529         }
530
531         *m = t;
532         return 0;
533
534 fail:
535         message_free(t);
536         return r;
537 }
538
539 static int message_new_reply(
540                 sd_bus *bus,
541                 sd_bus_message *call,
542                 uint8_t type,
543                 sd_bus_message **m) {
544
545         sd_bus_message *t;
546         int r;
547
548         if (!call)
549                 return -EINVAL;
550         if (!call->sealed)
551                 return -EPERM;
552         if (call->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
553                 return -EINVAL;
554         if (!m)
555                 return -EINVAL;
556         if (bus && bus->state == BUS_UNSET)
557                 return -ENOTCONN;
558
559         t = message_new(bus, type);
560         if (!t)
561                 return -ENOMEM;
562
563         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
564         t->reply_serial = BUS_MESSAGE_SERIAL(call);
565
566         r = message_append_field_uint32(t, SD_BUS_MESSAGE_HEADER_REPLY_SERIAL, t->reply_serial);
567         if (r < 0)
568                 goto fail;
569
570         if (call->sender) {
571                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, call->sender, &t->destination);
572                 if (r < 0)
573                         goto fail;
574         }
575
576         t->dont_send = !!(call->header->flags & SD_BUS_MESSAGE_NO_REPLY_EXPECTED);
577
578         *m = t;
579         return 0;
580
581 fail:
582         message_free(t);
583         return r;
584 }
585
586 int sd_bus_message_new_method_return(
587                 sd_bus *bus,
588                 sd_bus_message *call,
589                 sd_bus_message **m) {
590
591         return message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_RETURN, m);
592 }
593
594 int sd_bus_message_new_method_error(
595                 sd_bus *bus,
596                 sd_bus_message *call,
597                 const sd_bus_error *e,
598                 sd_bus_message **m) {
599
600         sd_bus_message *t;
601         int r;
602
603         if (!sd_bus_error_is_set(e))
604                 return -EINVAL;
605         if (!m)
606                 return -EINVAL;
607
608         r = message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_ERROR, &t);
609         if (r < 0)
610                 return r;
611
612         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_ERROR_NAME, SD_BUS_TYPE_STRING, e->name, &t->error.name);
613         if (r < 0)
614                 goto fail;
615
616         if (e->message) {
617                 r = message_append_basic(t, SD_BUS_TYPE_STRING, e->message, (const void**) &t->error.message);
618                 if (r < 0)
619                         goto fail;
620         }
621
622         *m = t;
623         return 0;
624
625 fail:
626         message_free(t);
627         return r;
628 }
629
630 int bus_message_new_synthetic_error(
631                 sd_bus *bus,
632                 uint64_t serial,
633                 const sd_bus_error *e,
634                 sd_bus_message **m) {
635
636         sd_bus_message *t;
637         int r;
638
639         assert(sd_bus_error_is_set(e));
640         assert(m);
641
642         t = message_new(bus, SD_BUS_MESSAGE_TYPE_METHOD_ERROR);
643         if (!t)
644                 return -ENOMEM;
645
646         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
647         t->reply_serial = serial;
648
649         r = message_append_field_uint32(t, SD_BUS_MESSAGE_HEADER_REPLY_SERIAL, t->reply_serial);
650         if (r < 0)
651                 goto fail;
652
653         if (bus && bus->unique_name) {
654                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, bus->unique_name, &t->destination);
655                 if (r < 0)
656                         goto fail;
657         }
658
659         *m = t;
660         return 0;
661
662 fail:
663         message_free(t);
664         return r;
665 }
666
667 sd_bus_message* sd_bus_message_ref(sd_bus_message *m) {
668         if (!m)
669                 return NULL;
670
671         assert(m->n_ref > 0);
672         m->n_ref++;
673
674         return m;
675 }
676
677 sd_bus_message* sd_bus_message_unref(sd_bus_message *m) {
678         if (!m)
679                 return NULL;
680
681         assert(m->n_ref > 0);
682         m->n_ref--;
683
684         if (m->n_ref <= 0)
685                 message_free(m);
686
687         return NULL;
688 }
689
690 int sd_bus_message_get_type(sd_bus_message *m, uint8_t *type) {
691         if (!m)
692                 return -EINVAL;
693         if (!type)
694                 return -EINVAL;
695
696         *type = m->header->type;
697         return 0;
698 }
699
700 int sd_bus_message_get_serial(sd_bus_message *m, uint64_t *serial) {
701         if (!m)
702                 return -EINVAL;
703         if (!serial)
704                 return -EINVAL;
705         if (m->header->serial == 0)
706                 return -ENOENT;
707
708         *serial = BUS_MESSAGE_SERIAL(m);
709         return 0;
710 }
711
712 int sd_bus_message_get_reply_serial(sd_bus_message *m, uint64_t *serial) {
713         if (!m)
714                 return -EINVAL;
715         if (!serial)
716                 return -EINVAL;
717         if (m->reply_serial == 0)
718                 return -ENOENT;
719
720         *serial = m->reply_serial;
721         return 0;
722 }
723
724 int sd_bus_message_get_no_reply(sd_bus_message *m) {
725         if (!m)
726                 return -EINVAL;
727
728         return m->header->type == SD_BUS_MESSAGE_TYPE_METHOD_CALL ? !!(m->header->flags & SD_BUS_MESSAGE_NO_REPLY_EXPECTED) : 0;
729 }
730
731 const char *sd_bus_message_get_path(sd_bus_message *m) {
732         if (!m)
733                 return NULL;
734
735         return m->path;
736 }
737
738 const char *sd_bus_message_get_interface(sd_bus_message *m) {
739         if (!m)
740                 return NULL;
741
742         return m->interface;
743 }
744
745 const char *sd_bus_message_get_member(sd_bus_message *m) {
746         if (!m)
747                 return NULL;
748
749         return m->member;
750 }
751 const char *sd_bus_message_get_destination(sd_bus_message *m) {
752         if (!m)
753                 return NULL;
754
755         return m->destination;
756 }
757
758 const char *sd_bus_message_get_sender(sd_bus_message *m) {
759         if (!m)
760                 return NULL;
761
762         return m->sender;
763 }
764
765 const sd_bus_error *sd_bus_message_get_error(sd_bus_message *m) {
766         if (!m)
767                 return NULL;
768
769         if (!sd_bus_error_is_set(&m->error))
770                 return NULL;
771
772         return &m->error;
773 }
774
775 int sd_bus_message_get_uid(sd_bus_message *m, uid_t *uid) {
776         if (!m)
777                 return -EINVAL;
778         if (!uid)
779                 return -EINVAL;
780         if (!m->uid_valid)
781                 return -ESRCH;
782
783         *uid = m->uid;
784         return 0;
785 }
786
787 int sd_bus_message_get_gid(sd_bus_message *m, gid_t *gid) {
788         if (!m)
789                 return -EINVAL;
790         if (!gid)
791                 return -EINVAL;
792         if (!m->gid_valid)
793                 return -ESRCH;
794
795         *gid = m->gid;
796         return 0;
797 }
798
799 int sd_bus_message_get_pid(sd_bus_message *m, pid_t *pid) {
800         if (!m)
801                 return -EINVAL;
802         if (!pid)
803                 return -EINVAL;
804         if (m->pid <= 0)
805                 return -ESRCH;
806
807         *pid = m->pid;
808         return 0;
809 }
810
811 int sd_bus_message_get_tid(sd_bus_message *m, pid_t *tid) {
812         if (!m)
813                 return -EINVAL;
814         if (!tid)
815                 return -EINVAL;
816         if (m->tid <= 0)
817                 return -ESRCH;
818
819         *tid = m->tid;
820         return 0;
821 }
822
823 int sd_bus_message_get_pid_starttime(sd_bus_message *m, uint64_t *usec) {
824         if (!m)
825                 return -EINVAL;
826         if (!usec)
827                 return -EINVAL;
828         if (m->pid_starttime <= 0)
829                 return -ESRCH;
830
831         *usec = m->pid_starttime;
832         return 0;
833 }
834
835 int sd_bus_message_get_selinux_context(sd_bus_message *m, const char **ret) {
836         if (!m)
837                 return -EINVAL;
838         if (!m->label)
839                 return -ESRCH;
840
841         *ret = m->label;
842         return 0;
843 }
844
845 int sd_bus_message_get_monotonic_timestamp(sd_bus_message *m, uint64_t *usec) {
846         if (!m)
847                 return -EINVAL;
848         if (!usec)
849                 return -EINVAL;
850         if (m->monotonic <= 0)
851                 return -ESRCH;
852
853         *usec = m->monotonic;
854         return 0;
855 }
856
857 int sd_bus_message_get_realtime_timestamp(sd_bus_message *m, uint64_t *usec) {
858         if (!m)
859                 return -EINVAL;
860         if (!usec)
861                 return -EINVAL;
862         if (m->realtime <= 0)
863                 return -ESRCH;
864
865         *usec = m->realtime;
866         return 0;
867 }
868
869 int sd_bus_message_get_comm(sd_bus_message *m, const char **ret) {
870         if (!m)
871                 return -EINVAL;
872         if (!ret)
873                 return -EINVAL;
874         if (!m->comm)
875                 return -ESRCH;
876
877         *ret = m->comm;
878         return 0;
879 }
880
881 int sd_bus_message_get_tid_comm(sd_bus_message *m, const char **ret) {
882         if (!m)
883                 return -EINVAL;
884         if (!ret)
885                 return -EINVAL;
886         if (!m->tid_comm)
887                 return -ESRCH;
888
889         *ret = m->tid_comm;
890         return 0;
891 }
892
893 int sd_bus_message_get_exe(sd_bus_message *m, const char **ret) {
894         if (!m)
895                 return -EINVAL;
896         if (!ret)
897                 return -EINVAL;
898         if (!m->exe)
899                 return -ESRCH;
900
901         *ret = m->exe;
902         return 0;
903 }
904
905 int sd_bus_message_get_cgroup(sd_bus_message *m, const char **ret) {
906         if (!m)
907                 return -EINVAL;
908         if (!ret)
909                 return -EINVAL;
910         if (!m->cgroup)
911                 return -ESRCH;
912
913         *ret = m->cgroup;
914         return 0;
915 }
916
917 int sd_bus_message_get_unit(sd_bus_message *m, const char **ret) {
918         int r;
919
920         if (!m)
921                 return -EINVAL;
922         if (!ret)
923                 return -EINVAL;
924         if (!m->cgroup)
925                 return -ESRCH;
926
927         if (!m->unit) {
928                 r = cg_path_get_unit(m->cgroup, &m->unit);
929                 if (r < 0)
930                         return r;
931         }
932
933         *ret = m->unit;
934         return 0;
935 }
936
937 int sd_bus_message_get_user_unit(sd_bus_message *m, const char **ret) {
938         int r;
939
940         if (!m)
941                 return -EINVAL;
942         if (!ret)
943                 return -EINVAL;
944         if (!m->cgroup)
945                 return -ESRCH;
946
947         if (!m->user_unit) {
948                 r = cg_path_get_user_unit(m->cgroup, &m->user_unit);
949                 if (r < 0)
950                         return r;
951         }
952
953         *ret = m->user_unit;
954         return 0;
955 }
956
957 int sd_bus_message_get_session(sd_bus_message *m, const char **ret) {
958         int r;
959
960         if (!m)
961                 return -EINVAL;
962         if (!ret)
963                 return -EINVAL;
964         if (!m->cgroup)
965                 return -ESRCH;
966
967         if (!m->session) {
968                 r = cg_path_get_session(m->cgroup, &m->session);
969                 if (r < 0)
970                         return r;
971         }
972
973         *ret = m->session;
974         return 0;
975 }
976
977 int sd_bus_message_get_owner_uid(sd_bus_message *m, uid_t *uid) {
978         if (!m)
979                 return -EINVAL;
980         if (!uid)
981                 return -EINVAL;
982         if (!m->cgroup)
983                 return -ESRCH;
984
985         return cg_path_get_owner_uid(m->cgroup, uid);
986 }
987
988 int sd_bus_message_get_cmdline(sd_bus_message *m, char ***cmdline) {
989         size_t n, i;
990         const char *p;
991         bool first;
992
993         if (!m)
994                 return -EINVAL;
995
996         if (!m->cmdline)
997                 return -ENOENT;
998
999         for (p = m->cmdline, n = 0; p < m->cmdline + m->cmdline_length; p++)
1000                 if (*p == 0)
1001                         n++;
1002
1003         m->cmdline_array = new(char*, n + 1);
1004         if (!m->cmdline_array)
1005                 return -ENOMEM;
1006
1007         for (p = m->cmdline, i = 0, first = true; p < m->cmdline + m->cmdline_length; p++) {
1008                 if (first)
1009                         m->cmdline_array[i++] = (char*) p;
1010
1011                 first = *p == 0;
1012         }
1013
1014         m->cmdline_array[i] = NULL;
1015         *cmdline = m->cmdline_array;
1016
1017         return 0;
1018 }
1019
1020 int sd_bus_message_get_audit_sessionid(sd_bus_message *m, uint32_t *sessionid) {
1021         if (!m)
1022                 return -EINVAL;
1023         if (!sessionid)
1024                 return -EINVAL;
1025         if (!m->audit)
1026                 return -ESRCH;
1027
1028         *sessionid = m->audit->sessionid;
1029         return 0;
1030 }
1031
1032 int sd_bus_message_get_audit_loginuid(sd_bus_message *m, uid_t *uid) {
1033         if (!m)
1034                 return -EINVAL;
1035         if (!uid)
1036                 return -EINVAL;
1037         if (!m->audit)
1038                 return -ESRCH;
1039
1040         *uid = m->audit->loginuid;
1041         return 0;
1042 }
1043
1044 int sd_bus_message_has_effective_cap(sd_bus_message *m, int capability) {
1045         unsigned sz;
1046
1047         if (!m)
1048                 return -EINVAL;
1049         if (capability < 0)
1050                 return -EINVAL;
1051         if (!m->capability)
1052                 return -ESRCH;
1053
1054         sz = m->capability_size / 4;
1055         if ((unsigned) capability >= sz*8)
1056                 return 0;
1057
1058         return !!(m->capability[2 * sz + (capability / 8)] & (1 << (capability % 8)));
1059 }
1060
1061 int sd_bus_message_is_signal(sd_bus_message *m, const char *interface, const char *member) {
1062         if (!m)
1063                 return -EINVAL;
1064
1065         if (m->header->type != SD_BUS_MESSAGE_TYPE_SIGNAL)
1066                 return 0;
1067
1068         if (interface && (!m->interface || !streq(m->interface, interface)))
1069                 return 0;
1070
1071         if (member &&  (!m->member || !streq(m->member, member)))
1072                 return 0;
1073
1074         return 1;
1075 }
1076
1077 int sd_bus_message_is_method_call(sd_bus_message *m, const char *interface, const char *member) {
1078         if (!m)
1079                 return -EINVAL;
1080
1081         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
1082                 return 0;
1083
1084         if (interface && (!m->interface || !streq(m->interface, interface)))
1085                 return 0;
1086
1087         if (member &&  (!m->member || !streq(m->member, member)))
1088                 return 0;
1089
1090         return 1;
1091 }
1092
1093 int sd_bus_message_is_method_error(sd_bus_message *m, const char *name) {
1094         if (!m)
1095                 return -EINVAL;
1096
1097         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_ERROR)
1098                 return 0;
1099
1100         if (name && (!m->error.name || !streq(m->error.name, name)))
1101                 return 0;
1102
1103         return 1;
1104 }
1105
1106 int sd_bus_message_set_no_reply(sd_bus_message *m, int b) {
1107         if (!m)
1108                 return -EINVAL;
1109         if (m->sealed)
1110                 return -EPERM;
1111         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
1112                 return -EPERM;
1113
1114         if (b)
1115                 m->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
1116         else
1117                 m->header->flags &= ~SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
1118
1119         return 0;
1120 }
1121
1122 static struct bus_container *message_get_container(sd_bus_message *m) {
1123         assert(m);
1124
1125         if (m->n_containers == 0)
1126                 return &m->root_container;
1127
1128         assert(m->containers);
1129         return m->containers + m->n_containers - 1;
1130 }
1131
1132 struct bus_body_part *message_append_part(sd_bus_message *m) {
1133         struct bus_body_part *part;
1134
1135         assert(m);
1136
1137         if (m->poisoned)
1138                 return NULL;
1139
1140         if (m->n_body_parts <= 0) {
1141                 part = &m->body;
1142                 zero(*part);
1143         } else {
1144                 assert(m->body_end);
1145
1146                 part = new0(struct bus_body_part, 1);
1147                 if (!part) {
1148                         m->poisoned = true;
1149                         return NULL;
1150                 }
1151
1152                 m->body_end->next = part;
1153         }
1154
1155         part->memfd = -1;
1156         m->body_end = part;
1157         m->n_body_parts ++;
1158
1159         return part;
1160 }
1161
1162 static void part_zero(struct bus_body_part *part, size_t sz) {
1163         assert(part);
1164         assert(sz > 0);
1165         assert(sz < 8);
1166
1167         /* All other fields can be left in their defaults */
1168         assert(!part->data);
1169         assert(part->memfd < 0);
1170
1171         part->size = sz;
1172         part->is_zero = true;
1173         part->sealed = true;
1174 }
1175
1176 static int part_make_space(
1177                 struct sd_bus_message *m,
1178                 struct bus_body_part *part,
1179                 size_t sz,
1180                 void **q) {
1181
1182         void *n;
1183         int r;
1184
1185         assert(m);
1186         assert(part);
1187         assert(!part->sealed);
1188
1189         if (m->poisoned)
1190                 return -ENOMEM;
1191
1192         if (!part->data && part->memfd < 0)
1193                 part->memfd = bus_kernel_pop_memfd(m->bus, &part->data, &part->mapped);
1194
1195         if (part->memfd >= 0) {
1196                 uint64_t u = sz;
1197
1198                 r = ioctl(part->memfd, KDBUS_CMD_MEMFD_SIZE_SET, &u);
1199                 if (r < 0) {
1200                         m->poisoned = true;
1201                         return -errno;
1202                 }
1203
1204                 if (!part->data || sz > part->mapped) {
1205                         size_t psz = PAGE_ALIGN(sz > 0 ? sz : 1);
1206
1207                         if (part->mapped <= 0)
1208                                 n = mmap(NULL, psz, PROT_READ|PROT_WRITE, MAP_SHARED, part->memfd, 0);
1209                         else
1210                                 n = mremap(part->data, part->mapped, psz, MREMAP_MAYMOVE);
1211
1212                         if (n == MAP_FAILED) {
1213                                 m->poisoned = true;
1214                                 return -errno;
1215                         }
1216
1217                         part->mapped = psz;
1218                         part->data = n;
1219                         part->munmap_this = true;
1220                 }
1221         } else {
1222                 n = realloc(part->data, sz);
1223                 if (!n) {
1224                         m->poisoned = true;
1225                         return -ENOMEM;
1226                 }
1227
1228                 part->data = n;
1229                 part->free_this = true;
1230         }
1231
1232         if (q)
1233                 *q = part->data ? (uint8_t*) part->data + part->size : NULL;
1234
1235         part->size = sz;
1236         return 0;
1237 }
1238
1239 static void message_extend_containers(sd_bus_message *m, size_t expand) {
1240         struct bus_container *c;
1241
1242         assert(m);
1243
1244         if (expand <= 0)
1245                 return;
1246
1247         /* Update counters */
1248         for (c = m->containers; c < m->containers + m->n_containers; c++)
1249                 if (c->array_size)
1250                         *c->array_size += expand;
1251 }
1252
1253 static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz) {
1254         struct bus_body_part *part = NULL;
1255         size_t start_body, end_body, padding, start_part, end_part, added;
1256         bool add_new_part;
1257         void *p;
1258         int r;
1259
1260         assert(m);
1261         assert(align > 0);
1262         assert(!m->sealed);
1263
1264         if (m->poisoned)
1265                 return NULL;
1266
1267         start_body = ALIGN_TO((size_t) m->header->body_size, align);
1268         end_body = start_body + sz;
1269
1270         padding = start_body - m->header->body_size;
1271         added = padding + sz;
1272
1273         /* Check for 32bit overflows */
1274         if (end_body > (size_t) ((uint32_t) -1)) {
1275                 m->poisoned = true;
1276                 return NULL;
1277         }
1278
1279         add_new_part =
1280                 m->n_body_parts <= 0 ||
1281                 m->body_end->sealed ||
1282                 padding != ALIGN_TO(m->body_end->size, align) - m->body_end->size;
1283
1284         if (add_new_part) {
1285                 if (padding > 0) {
1286                         part = message_append_part(m);
1287                         if (!part)
1288                                 return NULL;
1289
1290                         part_zero(part, padding);
1291                 }
1292
1293                 part = message_append_part(m);
1294                 if (!part)
1295                         return NULL;
1296
1297                 r = part_make_space(m, part, sz, &p);
1298                 if (r < 0)
1299                         return NULL;
1300         } else {
1301                 struct bus_container *c;
1302                 void *op;
1303                 size_t os;
1304
1305                 part = m->body_end;
1306                 op = part->data;
1307                 os = part->size;
1308
1309                 start_part = ALIGN_TO(part->size, align);
1310                 end_part = start_part + sz;
1311
1312                 r = part_make_space(m, part, end_part, &p);
1313                 if (r < 0)
1314                         return NULL;
1315
1316                 if (padding > 0) {
1317                         memset(p, 0, padding);
1318                         p = (uint8_t*) p + padding;
1319                 }
1320
1321                 /* Readjust pointers */
1322                 for (c = m->containers; c < m->containers + m->n_containers; c++)
1323                         c->array_size = adjust_pointer(c->array_size, op, os, part->data);
1324
1325                 m->error.message = (const char*) adjust_pointer(m->error.message, op, os, part->data);
1326         }
1327
1328         m->header->body_size = end_body;
1329         message_extend_containers(m, added);
1330
1331         return p;
1332 }
1333
1334 int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored) {
1335         struct bus_container *c;
1336         ssize_t align, sz;
1337         uint32_t k;
1338         void *a;
1339         int fd = -1;
1340         uint32_t fdi = 0;
1341         int r;
1342
1343         if (!m)
1344                 return -EINVAL;
1345         if (!p)
1346                 return -EINVAL;
1347         if (m->sealed)
1348                 return -EPERM;
1349         if (!bus_type_is_basic(type))
1350                 return -EINVAL;
1351         if (m->poisoned)
1352                 return -ESTALE;
1353
1354         c = message_get_container(m);
1355
1356         if (c->signature && c->signature[c->index]) {
1357                 /* Container signature is already set */
1358
1359                 if (c->signature[c->index] != type)
1360                         return -ENXIO;
1361         } else {
1362                 char *e;
1363
1364                 /* Maybe we can append to the signature? But only if this is the top-level container*/
1365                 if (c->enclosing != 0)
1366                         return -ENXIO;
1367
1368                 e = strextend(&c->signature, CHAR_TO_STR(type), NULL);
1369                 if (!e) {
1370                         m->poisoned = true;
1371                         return -ENOMEM;
1372                 }
1373         }
1374
1375         switch (type) {
1376
1377         case SD_BUS_TYPE_STRING:
1378         case SD_BUS_TYPE_OBJECT_PATH:
1379
1380                 align = 4;
1381                 sz = 4 + strlen(p) + 1;
1382                 break;
1383
1384         case SD_BUS_TYPE_SIGNATURE:
1385
1386                 align = 1;
1387                 sz = 1 + strlen(p) + 1;
1388                 break;
1389
1390         case SD_BUS_TYPE_BOOLEAN:
1391                 align = sz = 4;
1392
1393                 assert_cc(sizeof(int) == sizeof(uint32_t));
1394                 memcpy(&k, p, 4);
1395                 k = !!k;
1396                 p = &k;
1397                 break;
1398
1399         case SD_BUS_TYPE_UNIX_FD: {
1400                 int z, *f;
1401
1402                 if (!m->allow_fds) {
1403                         r = -ENOTSUP;
1404                         goto fail;
1405                 }
1406
1407                 align = sz = 4;
1408
1409                 z = *(int*) p;
1410                 if (z < 0) {
1411                         r = -EINVAL;
1412                         goto fail;
1413                 }
1414
1415                 fd = fcntl(z, F_DUPFD_CLOEXEC, 3);
1416                 if (fd < 0) {
1417                         r = -errno;
1418                         goto fail;
1419                 }
1420
1421                 f = realloc(m->fds, sizeof(int) * (m->n_fds + 1));
1422                 if (!f) {
1423                         m->poisoned = true;
1424                         r = -ENOMEM;
1425                         goto fail;
1426                 }
1427
1428                 fdi = m->n_fds;
1429                 f[fdi] = fd;
1430                 m->fds = f;
1431                 m->free_fds = true;
1432                 break;
1433         }
1434
1435         default:
1436                 align = bus_type_get_alignment(type);
1437                 sz = bus_type_get_size(type);
1438                 break;
1439         }
1440
1441         assert(align > 0);
1442         assert(sz > 0);
1443
1444         a = message_extend_body(m, align, sz);
1445         if (!a) {
1446                 r = -ENOMEM;
1447                 goto fail;
1448         }
1449
1450         if (type == SD_BUS_TYPE_STRING || type == SD_BUS_TYPE_OBJECT_PATH) {
1451                 *(uint32_t*) a = sz - 5;
1452                 memcpy((uint8_t*) a + 4, p, sz - 4);
1453
1454                 if (stored)
1455                         *stored = (const uint8_t*) a + 4;
1456
1457         } else if (type == SD_BUS_TYPE_SIGNATURE) {
1458                 *(uint8_t*) a = sz - 1;
1459                 memcpy((uint8_t*) a + 1, p, sz - 1);
1460
1461                 if (stored)
1462                         *stored = (const uint8_t*) a + 1;
1463         } else if (type == SD_BUS_TYPE_UNIX_FD) {
1464                 *(uint32_t*) a = fdi;
1465
1466                 if (stored)
1467                         *stored = a;
1468
1469                 m->n_fds ++;
1470
1471         } else {
1472                 memcpy(a, p, sz);
1473
1474                 if (stored)
1475                         *stored = a;
1476         }
1477
1478         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1479                 c->index++;
1480
1481         return 0;
1482
1483 fail:
1484         if (fd >= 0)
1485                 close_nointr_nofail(fd);
1486
1487         return r;
1488 }
1489
1490 int sd_bus_message_append_basic(sd_bus_message *m, char type, const void *p) {
1491         return message_append_basic(m, type, p, NULL);
1492 }
1493
1494 int sd_bus_message_append_string_space(sd_bus_message *m, size_t size, char **s) {
1495         struct bus_container *c;
1496         void *a;
1497
1498         if (!m)
1499                 return -EINVAL;
1500         if (!s)
1501                 return -EINVAL;
1502         if (m->sealed)
1503                 return -EPERM;
1504         if (m->poisoned)
1505                 return -ESTALE;
1506
1507         c = message_get_container(m);
1508
1509         if (c->signature && c->signature[c->index]) {
1510                 /* Container signature is already set */
1511
1512                 if (c->signature[c->index] != SD_BUS_TYPE_STRING)
1513                         return -ENXIO;
1514         } else {
1515                 char *e;
1516
1517                 /* Maybe we can append to the signature? But only if this is the top-level container*/
1518                 if (c->enclosing != 0)
1519                         return -ENXIO;
1520
1521                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRING), NULL);
1522                 if (!e) {
1523                         m->poisoned = true;
1524                         return -ENOMEM;
1525                 }
1526         }
1527
1528         a = message_extend_body(m, 4, 4 + size + 1);
1529         if (!a)
1530                 return -ENOMEM;
1531
1532         *(uint32_t*) a = size;
1533         *s = (char*) a + 4;
1534
1535         (*s)[size] = 0;
1536
1537         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1538                 c->index++;
1539
1540         return 0;
1541 }
1542
1543 static int bus_message_open_array(
1544                 sd_bus_message *m,
1545                 struct bus_container *c,
1546                 const char *contents,
1547                 uint32_t **array_size) {
1548
1549         unsigned nindex;
1550         void *a, *op;
1551         int alignment;
1552         size_t os;
1553         struct bus_body_part *o;
1554
1555         assert(m);
1556         assert(c);
1557         assert(contents);
1558         assert(array_size);
1559
1560         if (!signature_is_single(contents))
1561                 return -EINVAL;
1562
1563         alignment = bus_type_get_alignment(contents[0]);
1564         if (alignment < 0)
1565                 return alignment;
1566
1567         if (c->signature && c->signature[c->index]) {
1568
1569                 /* Verify the existing signature */
1570
1571                 if (c->signature[c->index] != SD_BUS_TYPE_ARRAY)
1572                         return -ENXIO;
1573
1574                 if (!startswith(c->signature + c->index + 1, contents))
1575                         return -ENXIO;
1576
1577                 nindex = c->index + 1 + strlen(contents);
1578         } else {
1579                 char *e;
1580
1581                 if (c->enclosing != 0)
1582                         return -ENXIO;
1583
1584                 /* Extend the existing signature */
1585
1586                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_ARRAY), contents, NULL);
1587                 if (!e) {
1588                         m->poisoned = true;
1589                         return -ENOMEM;
1590                 }
1591
1592                 nindex = e - c->signature;
1593         }
1594
1595         a = message_extend_body(m, 4, 4);
1596         if (!a)
1597                 return -ENOMEM;
1598
1599         o = m->body_end;
1600         op = m->body_end->data;
1601         os = m->body_end->size;
1602
1603         /* Add alignment between size and first element */
1604         if (!message_extend_body(m, alignment, 0))
1605                 return -ENOMEM;
1606
1607         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1608                 c->index = nindex;
1609
1610         /* location of array size might have changed so let's readjust a */
1611         if (o == m->body_end)
1612                 a = adjust_pointer(a, op, os, m->body_end->data);
1613
1614         *(uint32_t*) a = 0;
1615         *array_size = a;
1616         return 0;
1617 }
1618
1619 static int bus_message_open_variant(
1620                 sd_bus_message *m,
1621                 struct bus_container *c,
1622                 const char *contents) {
1623
1624         size_t l;
1625         void *a;
1626
1627         assert(m);
1628         assert(c);
1629         assert(contents);
1630
1631         if (!signature_is_single(contents))
1632                 return -EINVAL;
1633
1634         if (*contents == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
1635                 return -EINVAL;
1636
1637         if (c->signature && c->signature[c->index]) {
1638
1639                 if (c->signature[c->index] != SD_BUS_TYPE_VARIANT)
1640                         return -ENXIO;
1641
1642         } else {
1643                 char *e;
1644
1645                 if (c->enclosing != 0)
1646                         return -ENXIO;
1647
1648                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_VARIANT), NULL);
1649                 if (!e) {
1650                         m->poisoned = true;
1651                         return -ENOMEM;
1652                 }
1653         }
1654
1655         l = strlen(contents);
1656         a = message_extend_body(m, 1, 1 + l + 1);
1657         if (!a)
1658                 return -ENOMEM;
1659
1660         *(uint8_t*) a = l;
1661         memcpy((uint8_t*) a + 1, contents, l + 1);
1662
1663         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1664                 c->index++;
1665
1666         return 0;
1667 }
1668
1669 static int bus_message_open_struct(
1670                 sd_bus_message *m,
1671                 struct bus_container *c,
1672                 const char *contents) {
1673
1674         size_t nindex;
1675
1676         assert(m);
1677         assert(c);
1678         assert(contents);
1679
1680         if (!signature_is_valid(contents, false))
1681                 return -EINVAL;
1682
1683         if (c->signature && c->signature[c->index]) {
1684                 size_t l;
1685
1686                 l = strlen(contents);
1687
1688                 if (c->signature[c->index] != SD_BUS_TYPE_STRUCT_BEGIN ||
1689                     !startswith(c->signature + c->index + 1, contents) ||
1690                     c->signature[c->index + 1 + l] != SD_BUS_TYPE_STRUCT_END)
1691                         return -ENXIO;
1692
1693                 nindex = c->index + 1 + l + 1;
1694         } else {
1695                 char *e;
1696
1697                 if (c->enclosing != 0)
1698                         return -ENXIO;
1699
1700                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRUCT_BEGIN), contents, CHAR_TO_STR(SD_BUS_TYPE_STRUCT_END), NULL);
1701                 if (!e) {
1702                         m->poisoned = true;
1703                         return -ENOMEM;
1704                 }
1705
1706                 nindex = e - c->signature;
1707         }
1708
1709         /* Align contents to 8 byte boundary */
1710         if (!message_extend_body(m, 8, 0))
1711                 return -ENOMEM;
1712
1713         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1714                 c->index = nindex;
1715
1716         return 0;
1717 }
1718
1719 static int bus_message_open_dict_entry(
1720                 sd_bus_message *m,
1721                 struct bus_container *c,
1722                 const char *contents) {
1723
1724         size_t nindex;
1725
1726         assert(m);
1727         assert(c);
1728         assert(contents);
1729
1730         if (!signature_is_pair(contents))
1731                 return -EINVAL;
1732
1733         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1734                 return -ENXIO;
1735
1736         if (c->signature && c->signature[c->index]) {
1737                 size_t l;
1738
1739                 l = strlen(contents);
1740
1741                 if (c->signature[c->index] != SD_BUS_TYPE_DICT_ENTRY_BEGIN ||
1742                     !startswith(c->signature + c->index + 1, contents) ||
1743                     c->signature[c->index + 1 + l] != SD_BUS_TYPE_DICT_ENTRY_END)
1744                         return -ENXIO;
1745
1746                 nindex = c->index + 1 + l + 1;
1747         } else
1748                 return -ENXIO;
1749
1750         /* Align contents to 8 byte boundary */
1751         if (!message_extend_body(m, 8, 0))
1752                 return -ENOMEM;
1753
1754         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1755                 c->index = nindex;
1756
1757         return 0;
1758 }
1759
1760 int sd_bus_message_open_container(
1761                 sd_bus_message *m,
1762                 char type,
1763                 const char *contents) {
1764
1765         struct bus_container *c, *w;
1766         uint32_t *array_size = NULL;
1767         char *signature;
1768         size_t before;
1769         int r;
1770
1771         if (!m)
1772                 return -EINVAL;
1773         if (m->sealed)
1774                 return -EPERM;
1775         if (!contents)
1776                 return -EINVAL;
1777         if (m->poisoned)
1778                 return -ESTALE;
1779
1780         /* Make sure we have space for one more container */
1781         w = realloc(m->containers, sizeof(struct bus_container) * (m->n_containers + 1));
1782         if (!w) {
1783                 m->poisoned = true;
1784                 return -ENOMEM;
1785         }
1786
1787         m->containers = w;
1788
1789         c = message_get_container(m);
1790
1791         signature = strdup(contents);
1792         if (!signature) {
1793                 m->poisoned = true;
1794                 return -ENOMEM;
1795         }
1796
1797         /* Save old index in the parent container, in case we have to
1798          * abort this container */
1799         c->saved_index = c->index;
1800         before = m->header->body_size;
1801
1802         if (type == SD_BUS_TYPE_ARRAY)
1803                 r = bus_message_open_array(m, c, contents, &array_size);
1804         else if (type == SD_BUS_TYPE_VARIANT)
1805                 r = bus_message_open_variant(m, c, contents);
1806         else if (type == SD_BUS_TYPE_STRUCT)
1807                 r = bus_message_open_struct(m, c, contents);
1808         else if (type == SD_BUS_TYPE_DICT_ENTRY)
1809                 r = bus_message_open_dict_entry(m, c, contents);
1810         else
1811                 r = -EINVAL;
1812
1813         if (r < 0) {
1814                 free(signature);
1815                 return r;
1816         }
1817
1818         /* OK, let's fill it in */
1819         w += m->n_containers++;
1820         w->enclosing = type;
1821         w->signature = signature;
1822         w->index = 0;
1823         w->array_size = array_size;
1824         w->before = before;
1825         w->begin = m->rindex;
1826
1827         return 0;
1828 }
1829
1830 int sd_bus_message_close_container(sd_bus_message *m) {
1831         struct bus_container *c;
1832
1833         if (!m)
1834                 return -EINVAL;
1835         if (m->sealed)
1836                 return -EPERM;
1837         if (m->n_containers <= 0)
1838                 return -EINVAL;
1839         if (m->poisoned)
1840                 return -ESTALE;
1841
1842         c = message_get_container(m);
1843         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1844                 if (c->signature && c->signature[c->index] != 0)
1845                         return -EINVAL;
1846
1847         free(c->signature);
1848         m->n_containers--;
1849
1850         return 0;
1851 }
1852
1853 typedef struct {
1854         const char *types;
1855         unsigned n_struct;
1856         unsigned n_array;
1857 } TypeStack;
1858
1859 static int type_stack_push(TypeStack *stack, unsigned max, unsigned *i, const char *types, unsigned n_struct, unsigned n_array) {
1860         assert(stack);
1861         assert(max > 0);
1862
1863         if (*i >= max)
1864                 return -EINVAL;
1865
1866         stack[*i].types = types;
1867         stack[*i].n_struct = n_struct;
1868         stack[*i].n_array = n_array;
1869         (*i)++;
1870
1871         return 0;
1872 }
1873
1874 static int type_stack_pop(TypeStack *stack, unsigned max, unsigned *i, const char **types, unsigned *n_struct, unsigned *n_array) {
1875         assert(stack);
1876         assert(max > 0);
1877         assert(types);
1878         assert(n_struct);
1879         assert(n_array);
1880
1881         if (*i <= 0)
1882                 return 0;
1883
1884         (*i)--;
1885         *types = stack[*i].types;
1886         *n_struct = stack[*i].n_struct;
1887         *n_array = stack[*i].n_array;
1888
1889         return 1;
1890 }
1891
1892 int bus_message_append_ap(
1893                 sd_bus_message *m,
1894                 const char *types,
1895                 va_list ap) {
1896
1897         unsigned n_array, n_struct;
1898         TypeStack stack[BUS_CONTAINER_DEPTH];
1899         unsigned stack_ptr = 0;
1900         int r;
1901
1902         assert(m);
1903
1904         if (!types)
1905                 return 0;
1906
1907         n_array = (unsigned) -1;
1908         n_struct = strlen(types);
1909
1910         for (;;) {
1911                 const char *t;
1912
1913                 if (n_array == 0 || (n_array == (unsigned) -1 && n_struct == 0)) {
1914                         r = type_stack_pop(stack, ELEMENTSOF(stack), &stack_ptr, &types, &n_struct, &n_array);
1915                         if (r < 0)
1916                                 return r;
1917                         if (r == 0)
1918                                 break;
1919
1920                         r = sd_bus_message_close_container(m);
1921                         if (r < 0)
1922                                 return r;
1923
1924                         continue;
1925                 }
1926
1927                 t = types;
1928                 if (n_array != (unsigned) -1)
1929                         n_array --;
1930                 else {
1931                         types ++;
1932                         n_struct--;
1933                 }
1934
1935                 switch (*t) {
1936
1937                 case SD_BUS_TYPE_BYTE: {
1938                         uint8_t x;
1939
1940                         x = (uint8_t) va_arg(ap, int);
1941                         r = sd_bus_message_append_basic(m, *t, &x);
1942                         break;
1943                 }
1944
1945                 case SD_BUS_TYPE_BOOLEAN:
1946                 case SD_BUS_TYPE_INT32:
1947                 case SD_BUS_TYPE_UINT32:
1948                 case SD_BUS_TYPE_UNIX_FD: {
1949                         uint32_t x;
1950
1951                         /* We assume a boolean is the same as int32_t */
1952                         assert_cc(sizeof(int32_t) == sizeof(int));
1953
1954                         x = va_arg(ap, uint32_t);
1955                         r = sd_bus_message_append_basic(m, *t, &x);
1956                         break;
1957                 }
1958
1959                 case SD_BUS_TYPE_INT16:
1960                 case SD_BUS_TYPE_UINT16: {
1961                         uint16_t x;
1962
1963                         x = (uint16_t) va_arg(ap, int);
1964                         r = sd_bus_message_append_basic(m, *t, &x);
1965                         break;
1966                 }
1967
1968                 case SD_BUS_TYPE_INT64:
1969                 case SD_BUS_TYPE_UINT64:
1970                 case SD_BUS_TYPE_DOUBLE: {
1971                         uint64_t x;
1972
1973                         x = va_arg(ap, uint64_t);
1974                         r = sd_bus_message_append_basic(m, *t, &x);
1975                         break;
1976                 }
1977
1978                 case SD_BUS_TYPE_STRING:
1979                 case SD_BUS_TYPE_OBJECT_PATH:
1980                 case SD_BUS_TYPE_SIGNATURE: {
1981                         const char *x;
1982
1983                         x = va_arg(ap, const char*);
1984                         r = sd_bus_message_append_basic(m, *t, x);
1985                         break;
1986                 }
1987
1988                 case SD_BUS_TYPE_ARRAY: {
1989                         size_t k;
1990
1991                         r = signature_element_length(t + 1, &k);
1992                         if (r < 0)
1993                                 return r;
1994
1995                         {
1996                                 char s[k + 1];
1997                                 memcpy(s, t + 1, k);
1998                                 s[k] = 0;
1999
2000                                 r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, s);
2001                                 if (r < 0)
2002                                         return r;
2003                         }
2004
2005                         if (n_array == (unsigned) -1) {
2006                                 types += k;
2007                                 n_struct -= k;
2008                         }
2009
2010                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2011                         if (r < 0)
2012                                 return r;
2013
2014                         types = t + 1;
2015                         n_struct = k;
2016                         n_array = va_arg(ap, unsigned);
2017
2018                         break;
2019                 }
2020
2021                 case SD_BUS_TYPE_VARIANT: {
2022                         const char *s;
2023
2024                         s = va_arg(ap, const char*);
2025                         if (!s)
2026                                 return -EINVAL;
2027
2028                         r = sd_bus_message_open_container(m, SD_BUS_TYPE_VARIANT, s);
2029                         if (r < 0)
2030                                 return r;
2031
2032                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2033                         if (r < 0)
2034                                 return r;
2035
2036                         types = s;
2037                         n_struct = strlen(s);
2038                         n_array = (unsigned) -1;
2039
2040                         break;
2041                 }
2042
2043                 case SD_BUS_TYPE_STRUCT_BEGIN:
2044                 case SD_BUS_TYPE_DICT_ENTRY_BEGIN: {
2045                         size_t k;
2046
2047                         r = signature_element_length(t, &k);
2048                         if (r < 0)
2049                                 return r;
2050
2051                         {
2052                                 char s[k - 1];
2053
2054                                 memcpy(s, t + 1, k - 2);
2055                                 s[k - 2] = 0;
2056
2057                                 r = sd_bus_message_open_container(m, *t == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY, s);
2058                                 if (r < 0)
2059                                         return r;
2060                         }
2061
2062                         if (n_array == (unsigned) -1) {
2063                                 types += k - 1;
2064                                 n_struct -= k - 1;
2065                         }
2066
2067                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2068                         if (r < 0)
2069                                 return r;
2070
2071                         types = t + 1;
2072                         n_struct = k - 2;
2073                         n_array = (unsigned) -1;
2074
2075                         break;
2076                 }
2077
2078                 default:
2079                         r = -EINVAL;
2080                 }
2081
2082                 if (r < 0)
2083                         return r;
2084         }
2085
2086         return 0;
2087 }
2088
2089 int sd_bus_message_append(sd_bus_message *m, const char *types, ...) {
2090         va_list ap;
2091         int r;
2092
2093         if (!m)
2094                 return -EINVAL;
2095         if (m->sealed)
2096                 return -EPERM;
2097         if (m->poisoned)
2098                 return -ESTALE;
2099         if (!types)
2100                 return 0;
2101
2102         va_start(ap, types);
2103         r = bus_message_append_ap(m, types, ap);
2104         va_end(ap);
2105
2106         return r;
2107 }
2108
2109 int sd_bus_message_append_array_space(sd_bus_message *m, char type, size_t size, void **ptr) {
2110         ssize_t align, sz;
2111         void *a;
2112         int r;
2113
2114         if (!m)
2115                 return -EINVAL;
2116         if (m->sealed)
2117                 return -EPERM;
2118         if (!bus_type_is_trivial(type))
2119                 return -EINVAL;
2120         if (!ptr && size > 0)
2121                 return -EINVAL;
2122         if (m->poisoned)
2123                 return -ESTALE;
2124
2125         align = bus_type_get_alignment(type);
2126         sz = bus_type_get_size(type);
2127
2128         assert_se(align > 0);
2129         assert_se(sz > 0);
2130
2131         if (size % sz != 0)
2132                 return -EINVAL;
2133
2134         r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
2135         if (r < 0)
2136                 return r;
2137
2138         a = message_extend_body(m, align, size);
2139         if (!a)
2140                 return -ENOMEM;
2141
2142         r = sd_bus_message_close_container(m);
2143         if (r < 0)
2144                 return r;
2145
2146         *ptr = a;
2147         return 0;
2148 }
2149
2150 int sd_bus_message_append_array(sd_bus_message *m, char type, const void *ptr, size_t size) {
2151         int r;
2152         void *p;
2153
2154         if (!ptr && size > 0)
2155                 return -EINVAL;
2156
2157         r = sd_bus_message_append_array_space(m, type, size, &p);
2158         if (r < 0)
2159                 return r;
2160
2161         if (size > 0)
2162                 memcpy(p, ptr, size);
2163
2164         return 0;
2165 }
2166
2167 int sd_bus_message_append_array_memfd(sd_bus_message *m, char type, sd_memfd *memfd) {
2168         _cleanup_close_ int copy_fd = -1;
2169         struct bus_body_part *part;
2170         ssize_t align, sz;
2171         uint64_t size;
2172         void *a;
2173         int r;
2174
2175         if (!m)
2176                 return -EINVAL;
2177         if (!memfd)
2178                 return -EINVAL;
2179         if (m->sealed)
2180                 return -EPERM;
2181         if (!bus_type_is_trivial(type))
2182                 return -EINVAL;
2183         if (m->poisoned)
2184                 return -ESTALE;
2185
2186         r = sd_memfd_set_sealed(memfd, true);
2187         if (r < 0)
2188                 return r;
2189
2190         copy_fd = sd_memfd_dup_fd(memfd);
2191         if (copy_fd < 0)
2192                 return copy_fd;
2193
2194         r = sd_memfd_get_size(memfd, &size);
2195         if (r < 0)
2196                 return r;
2197
2198         align = bus_type_get_alignment(type);
2199         sz = bus_type_get_size(type);
2200
2201         assert_se(align > 0);
2202         assert_se(sz > 0);
2203
2204         if (size % sz != 0)
2205                 return -EINVAL;
2206
2207         if (size > (uint64_t) (uint32_t) -1)
2208                 return -EINVAL;
2209
2210         r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
2211         if (r < 0)
2212                 return r;
2213
2214         a = message_extend_body(m, align, 0);
2215         if (!a)
2216                 return -ENOMEM;
2217
2218         part = message_append_part(m);
2219         if (!part)
2220                 return -ENOMEM;
2221
2222         part->memfd = copy_fd;
2223         part->sealed = true;
2224         part->size = size;
2225         copy_fd = -1;
2226
2227         message_extend_containers(m, size);
2228         m->header->body_size += size;
2229
2230         return sd_bus_message_close_container(m);
2231 }
2232
2233 int sd_bus_message_append_string_memfd(sd_bus_message *m, sd_memfd *memfd) {
2234         _cleanup_close_ int copy_fd = -1;
2235         struct bus_body_part *part;
2236         struct bus_container *c;
2237         uint64_t size;
2238         void *a;
2239         int r;
2240
2241         if (!m)
2242                 return -EINVAL;
2243         if (!memfd)
2244                 return -EINVAL;
2245         if (m->sealed)
2246                 return -EPERM;
2247         if (m->poisoned)
2248                 return -ESTALE;
2249
2250         r = sd_memfd_set_sealed(memfd, true);
2251         if (r < 0)
2252                 return r;
2253
2254         copy_fd = sd_memfd_dup_fd(memfd);
2255         if (copy_fd < 0)
2256                 return copy_fd;
2257
2258         r = sd_memfd_get_size(memfd, &size);
2259         if (r < 0)
2260                 return r;
2261
2262         /* We require this to be NUL terminated */
2263         if (size == 0)
2264                 return -EINVAL;
2265
2266         if (size > (uint64_t) (uint32_t) -1)
2267                 return -EINVAL;
2268
2269         c = message_get_container(m);
2270         if (c->signature && c->signature[c->index]) {
2271                 /* Container signature is already set */
2272
2273                 if (c->signature[c->index] != SD_BUS_TYPE_STRING)
2274                         return -ENXIO;
2275         } else {
2276                 char *e;
2277
2278                 /* Maybe we can append to the signature? But only if this is the top-level container*/
2279                 if (c->enclosing != 0)
2280                         return -ENXIO;
2281
2282                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRING), NULL);
2283                 if (!e) {
2284                         m->poisoned = true;
2285                         return -ENOMEM;
2286                 }
2287         }
2288
2289         a = message_extend_body(m, 4, 4);
2290         if (!a)
2291                 return -ENOMEM;
2292
2293         *(uint32_t*) a = size - 1;
2294
2295         part = message_append_part(m);
2296         if (!part)
2297                 return -ENOMEM;
2298
2299         part->memfd = copy_fd;
2300         part->sealed = true;
2301         part->size = size;
2302         copy_fd = -1;
2303
2304         message_extend_containers(m, size);
2305         m->header->body_size += size;
2306
2307         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2308                 c->index++;
2309
2310         return 0;
2311 }
2312
2313 int bus_body_part_map(struct bus_body_part *part) {
2314         void *p;
2315         size_t psz;
2316
2317         assert_se(part);
2318
2319         if (part->data)
2320                 return 0;
2321
2322         if (part->size <= 0)
2323                 return 0;
2324
2325         /* For smaller zero parts (as used for padding) we don't need to map anything... */
2326         if (part->memfd < 0 && part->is_zero && part->size < 8) {
2327                 static const uint8_t zeroes[7] = { };
2328                 part->data = (void*) zeroes;
2329                 return 0;
2330         }
2331
2332         psz = PAGE_ALIGN(part->size);
2333
2334         if (part->memfd >= 0)
2335                 p = mmap(NULL, psz, PROT_READ, MAP_SHARED, part->memfd, 0);
2336         else if (part->is_zero)
2337                 p = mmap(NULL, psz, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
2338         else
2339                 return -EINVAL;
2340
2341         if (p == MAP_FAILED)
2342                 return -errno;
2343
2344         part->mapped = psz;
2345         part->data = p;
2346         part->munmap_this = true;
2347
2348         return 0;
2349 }
2350
2351 void bus_body_part_unmap(struct bus_body_part *part) {
2352
2353         assert_se(part);
2354
2355         if (part->memfd < 0)
2356                 return;
2357
2358         if (!part->data)
2359                 return;
2360
2361         if (!part->munmap_this)
2362                 return;
2363
2364         assert_se(munmap(part->data, part->mapped) == 0);
2365
2366         part->data = NULL;
2367         part->mapped = 0;
2368         part->munmap_this = false;
2369
2370         return;
2371 }
2372
2373 static int buffer_peek(const void *p, uint32_t sz, size_t *rindex, size_t align, size_t nbytes, void **r) {
2374         size_t k, start, end;
2375
2376         assert(rindex);
2377         assert(align > 0);
2378
2379         start = ALIGN_TO((size_t) *rindex, align);
2380         end = start + nbytes;
2381
2382         if (end > sz)
2383                 return -EBADMSG;
2384
2385         /* Verify that padding is 0 */
2386         for (k = *rindex; k < start; k++)
2387                 if (((const uint8_t*) p)[k] != 0)
2388                         return -EBADMSG;
2389
2390         if (r)
2391                 *r = (uint8_t*) p + start;
2392
2393         *rindex = end;
2394
2395         return 1;
2396 }
2397
2398 static bool message_end_of_array(sd_bus_message *m, size_t index) {
2399         struct bus_container *c;
2400
2401         assert(m);
2402
2403         c = message_get_container(m);
2404         if (!c->array_size)
2405                 return false;
2406
2407         return index >= c->begin + BUS_MESSAGE_BSWAP32(m, *c->array_size);
2408 }
2409
2410 static struct bus_body_part* find_part(sd_bus_message *m, size_t index, size_t sz, void **p) {
2411         struct bus_body_part *part;
2412         size_t begin;
2413         int r;
2414
2415         assert(m);
2416
2417         if (m->cached_rindex_part && index >= m->cached_rindex_part_begin) {
2418                 part = m->cached_rindex_part;
2419                 begin = m->cached_rindex_part_begin;
2420         } else {
2421                 part = &m->body;
2422                 begin = 0;
2423         }
2424
2425         while (part) {
2426                 if (index < begin)
2427                         return NULL;
2428
2429                 if (index + sz <= begin + part->size) {
2430
2431                         r = bus_body_part_map(part);
2432                         if (r < 0)
2433                                 return NULL;
2434
2435                         if (p)
2436                                 *p = (uint8_t*) part->data + index - begin;
2437
2438                         m->cached_rindex_part = part;
2439                         m->cached_rindex_part_begin = begin;
2440
2441                         return part;
2442                 }
2443
2444                 begin += part->size;
2445                 part = part->next;
2446         }
2447
2448         return NULL;
2449 }
2450
2451 static int message_peek_body(
2452                 sd_bus_message *m,
2453                 size_t *rindex,
2454                 size_t align,
2455                 size_t nbytes,
2456                 void **ret) {
2457
2458         size_t k, start, end, padding;
2459         struct bus_body_part *part;
2460         uint8_t *q;
2461
2462         assert(m);
2463         assert(rindex);
2464         assert(align > 0);
2465
2466         if (message_end_of_array(m, *rindex))
2467                 return 0;
2468
2469         start = ALIGN_TO((size_t) *rindex, align);
2470         padding = start - *rindex;
2471         end = start + nbytes;
2472
2473         if (end > BUS_MESSAGE_BODY_SIZE(m))
2474                 return -EBADMSG;
2475
2476         part = find_part(m, *rindex, padding, (void**) &q);
2477         if (!part)
2478                 return -EBADMSG;
2479
2480         if (q) {
2481                 /* Verify padding */
2482                 for (k = 0; k < padding; k++)
2483                         if (q[k] != 0)
2484                                 return -EBADMSG;
2485         }
2486
2487         part = find_part(m, start, nbytes, (void**) &q);
2488         if (!part || !q)
2489                 return -EBADMSG;
2490
2491         *rindex = end;
2492
2493         if (ret)
2494                 *ret = q;
2495
2496         return 1;
2497 }
2498
2499 static bool validate_nul(const char *s, size_t l) {
2500
2501         /* Check for NUL chars in the string */
2502         if (memchr(s, 0, l))
2503                 return false;
2504
2505         /* Check for NUL termination */
2506         if (s[l] != 0)
2507                 return false;
2508
2509         return true;
2510 }
2511
2512 static bool validate_string(const char *s, size_t l) {
2513
2514         if (!validate_nul(s, l))
2515                 return false;
2516
2517         /* Check if valid UTF8 */
2518         if (!utf8_is_valid(s))
2519                 return false;
2520
2521         return true;
2522 }
2523
2524 static bool validate_signature(const char *s, size_t l) {
2525
2526         if (!validate_nul(s, l))
2527                 return false;
2528
2529         /* Check if valid signature */
2530         if (!signature_is_valid(s, true))
2531                 return false;
2532
2533         return true;
2534 }
2535
2536 static bool validate_object_path(const char *s, size_t l) {
2537
2538         if (!validate_nul(s, l))
2539                 return false;
2540
2541         if (!object_path_is_valid(s))
2542                 return false;
2543
2544         return true;
2545 }
2546
2547 int sd_bus_message_read_basic(sd_bus_message *m, char type, void *p) {
2548         struct bus_container *c;
2549         int r;
2550         void *q;
2551
2552         if (!m)
2553                 return -EINVAL;
2554         if (!m->sealed)
2555                 return -EPERM;
2556         if (!bus_type_is_basic(type))
2557                 return -EINVAL;
2558         if (!p)
2559                 return -EINVAL;
2560
2561         c = message_get_container(m);
2562
2563         if (!c->signature || c->signature[c->index] == 0)
2564                 return 0;
2565
2566         if (c->signature[c->index] != type)
2567                 return -ENXIO;
2568
2569         switch (type) {
2570
2571         case SD_BUS_TYPE_STRING:
2572         case SD_BUS_TYPE_OBJECT_PATH: {
2573                 uint32_t l;
2574                 size_t rindex;
2575
2576                 rindex = m->rindex;
2577                 r = message_peek_body(m, &rindex, 4, 4, &q);
2578                 if (r <= 0)
2579                         return r;
2580
2581                 l = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2582                 r = message_peek_body(m, &rindex, 1, l+1, &q);
2583                 if (r < 0)
2584                         return r;
2585                 if (r == 0)
2586                         return -EBADMSG;
2587
2588                 if (type == SD_BUS_TYPE_OBJECT_PATH) {
2589                         if (!validate_object_path(q, l))
2590                                 return -EBADMSG;
2591                 } else {
2592                         if (!validate_string(q, l))
2593                                 return -EBADMSG;
2594                 }
2595
2596                 m->rindex = rindex;
2597                 *(const char**) p = q;
2598                 break;
2599         }
2600
2601         case SD_BUS_TYPE_SIGNATURE: {
2602                 uint8_t l;
2603                 size_t rindex;
2604
2605                 rindex = m->rindex;
2606                 r = message_peek_body(m, &rindex, 1, 1, &q);
2607                 if (r <= 0)
2608                         return r;
2609
2610                 l = *(uint8_t*) q;
2611                 r = message_peek_body(m, &rindex, 1, l+1, &q);
2612                 if (r < 0)
2613                         return r;
2614                 if (r == 0)
2615                         return -EBADMSG;
2616
2617                 if (!validate_signature(q, l))
2618                         return -EBADMSG;
2619
2620                 m->rindex = rindex;
2621                 *(const char**) p = q;
2622                 break;
2623         }
2624
2625         default: {
2626                 ssize_t sz, align;
2627                 size_t rindex;
2628
2629                 align = bus_type_get_alignment(type);
2630                 sz = bus_type_get_size(type);
2631                 assert(align > 0 && sz > 0);
2632
2633                 rindex = m->rindex;
2634                 r = message_peek_body(m, &rindex, align, sz, &q);
2635                 if (r <= 0)
2636                         return r;
2637
2638                 switch (type) {
2639
2640                 case SD_BUS_TYPE_BYTE:
2641                         *(uint8_t*) p = *(uint8_t*) q;
2642                         break;
2643
2644                 case SD_BUS_TYPE_BOOLEAN:
2645                         *(int*) p = !!*(uint32_t*) q;
2646                         break;
2647
2648                 case SD_BUS_TYPE_INT16:
2649                 case SD_BUS_TYPE_UINT16:
2650                         *(uint16_t*) p = BUS_MESSAGE_BSWAP16(m, *(uint16_t*) q);
2651                         break;
2652
2653                 case SD_BUS_TYPE_INT32:
2654                 case SD_BUS_TYPE_UINT32:
2655                         *(uint32_t*) p = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2656                         break;
2657
2658                 case SD_BUS_TYPE_INT64:
2659                 case SD_BUS_TYPE_UINT64:
2660                 case SD_BUS_TYPE_DOUBLE:
2661                         *(uint64_t*) p = BUS_MESSAGE_BSWAP64(m, *(uint64_t*) q);
2662                         break;
2663
2664                 case SD_BUS_TYPE_UNIX_FD: {
2665                         uint32_t j;
2666
2667                         j = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2668                         if (j >= m->n_fds)
2669                                 return -EBADMSG;
2670
2671                         *(int*) p = m->fds[j];
2672                         break;
2673                 }
2674
2675                 default:
2676                         assert_not_reached("Unknown basic type...");
2677                 }
2678
2679                 m->rindex = rindex;
2680
2681                 break;
2682         }
2683         }
2684
2685         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2686                 c->index++;
2687
2688         return 1;
2689 }
2690
2691 static int bus_message_enter_array(
2692                 sd_bus_message *m,
2693                 struct bus_container *c,
2694                 const char *contents,
2695                 uint32_t **array_size) {
2696
2697         size_t rindex;
2698         void *q;
2699         int r, alignment;
2700
2701         assert(m);
2702         assert(c);
2703         assert(contents);
2704         assert(array_size);
2705
2706         if (!signature_is_single(contents))
2707                 return -EINVAL;
2708
2709         alignment = bus_type_get_alignment(contents[0]);
2710         if (alignment < 0)
2711                 return alignment;
2712
2713         if (!c->signature || c->signature[c->index] == 0)
2714                 return 0;
2715
2716         if (c->signature[c->index] != SD_BUS_TYPE_ARRAY)
2717                 return -ENXIO;
2718
2719         if (!startswith(c->signature + c->index + 1, contents))
2720                 return -ENXIO;
2721
2722         rindex = m->rindex;
2723         r = message_peek_body(m, &rindex, 4, 4, &q);
2724         if (r <= 0)
2725                 return r;
2726
2727         if (BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q) > BUS_ARRAY_MAX_SIZE)
2728                 return -EBADMSG;
2729
2730         r = message_peek_body(m, &rindex, alignment, 0, NULL);
2731         if (r < 0)
2732                 return r;
2733         if (r == 0)
2734                 return -EBADMSG;
2735
2736         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2737                 c->index += 1 + strlen(contents);
2738
2739         m->rindex = rindex;
2740
2741         *array_size = (uint32_t*) q;
2742
2743         return 1;
2744 }
2745
2746 static int bus_message_enter_variant(
2747                 sd_bus_message *m,
2748                 struct bus_container *c,
2749                 const char *contents) {
2750
2751         size_t rindex;
2752         uint8_t l;
2753         void *q;
2754         int r;
2755
2756         assert(m);
2757         assert(c);
2758         assert(contents);
2759
2760         if (!signature_is_single(contents))
2761                 return -EINVAL;
2762
2763         if (*contents == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
2764                 return -EINVAL;
2765
2766         if (!c->signature || c->signature[c->index] == 0)
2767                 return 0;
2768
2769         if (c->signature[c->index] != SD_BUS_TYPE_VARIANT)
2770                 return -ENXIO;
2771
2772         rindex = m->rindex;
2773         r = message_peek_body(m, &rindex, 1, 1, &q);
2774         if (r <= 0)
2775                 return r;
2776
2777         l = *(uint8_t*) q;
2778         r = message_peek_body(m, &rindex, 1, l+1, &q);
2779         if (r < 0)
2780                 return r;
2781         if (r == 0)
2782                 return -EBADMSG;
2783
2784         if (!validate_signature(q, l))
2785                 return -EBADMSG;
2786
2787         if (!streq(q, contents))
2788                 return -ENXIO;
2789
2790         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2791                 c->index++;
2792
2793         m->rindex = rindex;
2794
2795         return 1;
2796 }
2797
2798 static int bus_message_enter_struct(
2799                 sd_bus_message *m,
2800                 struct bus_container *c,
2801                 const char *contents) {
2802
2803         size_t l;
2804         int r;
2805
2806         assert(m);
2807         assert(c);
2808         assert(contents);
2809
2810         if (!signature_is_valid(contents, false))
2811                 return -EINVAL;
2812
2813         if (!c->signature || c->signature[c->index] == 0)
2814                 return 0;
2815
2816         l = strlen(contents);
2817
2818         if (c->signature[c->index] != SD_BUS_TYPE_STRUCT_BEGIN ||
2819             !startswith(c->signature + c->index + 1, contents) ||
2820             c->signature[c->index + 1 + l] != SD_BUS_TYPE_STRUCT_END)
2821                 return -ENXIO;
2822
2823         r = message_peek_body(m, &m->rindex, 8, 0, NULL);
2824         if (r <= 0)
2825                 return r;
2826
2827         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2828                 c->index += 1 + l + 1;
2829
2830         return 1;
2831 }
2832
2833 static int bus_message_enter_dict_entry(
2834                 sd_bus_message *m,
2835                 struct bus_container *c,
2836                 const char *contents) {
2837
2838         size_t l;
2839         int r;
2840
2841         assert(m);
2842         assert(c);
2843         assert(contents);
2844
2845         if (!signature_is_pair(contents))
2846                 return -EINVAL;
2847
2848         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2849                 return -ENXIO;
2850
2851         if (!c->signature || c->signature[c->index] == 0)
2852                 return 0;
2853
2854         l = strlen(contents);
2855
2856         if (c->signature[c->index] != SD_BUS_TYPE_DICT_ENTRY_BEGIN ||
2857             !startswith(c->signature + c->index + 1, contents) ||
2858             c->signature[c->index + 1 + l] != SD_BUS_TYPE_DICT_ENTRY_END)
2859                 return -ENXIO;
2860
2861         r = message_peek_body(m, &m->rindex, 8, 0, NULL);
2862         if (r <= 0)
2863                 return r;
2864
2865         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2866                 c->index += 1 + l + 1;
2867
2868         return 1;
2869 }
2870
2871 int sd_bus_message_enter_container(sd_bus_message *m, char type, const char *contents) {
2872         struct bus_container *c, *w;
2873         uint32_t *array_size = NULL;
2874         char *signature;
2875         size_t before;
2876         int r;
2877
2878         if (!m)
2879                 return -EINVAL;
2880         if (!m->sealed)
2881                 return -EPERM;
2882         if (!contents)
2883                 return -EINVAL;
2884
2885         /*
2886          * We enforce a global limit on container depth, that is much
2887          * higher than the 32 structs and 32 arrays the specification
2888          * mandates. This is simpler to implement for us, and we need
2889          * this only to ensure our container array doesn't grow
2890          * without bounds. We are happy to return any data from a
2891          * message as long as the data itself is valid, even if the
2892          * overall message might be not.
2893          *
2894          * Note that the message signature is validated when
2895          * parsing the headers, and that validation does check the
2896          * 32/32 limit.
2897          *
2898          * Note that the specification defines no limits on the depth
2899          * of stacked variants, but we do.
2900          */
2901         if (m->n_containers >= BUS_CONTAINER_DEPTH)
2902                 return -EBADMSG;
2903
2904         w = realloc(m->containers, sizeof(struct bus_container) * (m->n_containers + 1));
2905         if (!w)
2906                 return -ENOMEM;
2907         m->containers = w;
2908
2909         c = message_get_container(m);
2910
2911         if (!c->signature || c->signature[c->index] == 0)
2912                 return 0;
2913
2914         signature = strdup(contents);
2915         if (!signature)
2916                 return -ENOMEM;
2917
2918         c->saved_index = c->index;
2919         before = m->rindex;
2920
2921         if (type == SD_BUS_TYPE_ARRAY)
2922                 r = bus_message_enter_array(m, c, contents, &array_size);
2923         else if (type == SD_BUS_TYPE_VARIANT)
2924                 r = bus_message_enter_variant(m, c, contents);
2925         else if (type == SD_BUS_TYPE_STRUCT)
2926                 r = bus_message_enter_struct(m, c, contents);
2927         else if (type == SD_BUS_TYPE_DICT_ENTRY)
2928                 r = bus_message_enter_dict_entry(m, c, contents);
2929         else
2930                 r = -EINVAL;
2931
2932         if (r <= 0) {
2933                 free(signature);
2934                 return r;
2935         }
2936
2937         /* OK, let's fill it in */
2938         w += m->n_containers++;
2939         w->enclosing = type;
2940         w->signature = signature;
2941         w->index = 0;
2942         w->array_size = array_size;
2943         w->before = before;
2944         w->begin = m->rindex;
2945
2946         return 1;
2947 }
2948
2949 int sd_bus_message_exit_container(sd_bus_message *m) {
2950         struct bus_container *c;
2951
2952         if (!m)
2953                 return -EINVAL;
2954         if (!m->sealed)
2955                 return -EPERM;
2956         if (m->n_containers <= 0)
2957                 return -EINVAL;
2958
2959         c = message_get_container(m);
2960         if (c->enclosing == SD_BUS_TYPE_ARRAY) {
2961                 uint32_t l;
2962
2963                 l = BUS_MESSAGE_BSWAP32(m, *c->array_size);
2964                 if (c->begin + l != m->rindex)
2965                         return -EBUSY;
2966
2967         } else {
2968                 if (c->signature && c->signature[c->index] != 0)
2969                         return -EINVAL;
2970         }
2971
2972         free(c->signature);
2973         m->n_containers--;
2974
2975         return 1;
2976 }
2977
2978 static void message_quit_container(sd_bus_message *m) {
2979         struct bus_container *c;
2980
2981         assert(m);
2982         assert(m->sealed);
2983         assert(m->n_containers > 0);
2984
2985         c = message_get_container(m);
2986
2987         /* Undo seeks */
2988         assert(m->rindex >= c->before);
2989         m->rindex = c->before;
2990
2991         /* Free container */
2992         free(c->signature);
2993         m->n_containers--;
2994
2995         /* Correct index of new top-level container */
2996         c = message_get_container(m);
2997         c->index = c->saved_index;
2998 }
2999
3000 int sd_bus_message_peek_type(sd_bus_message *m, char *type, const char **contents) {
3001         struct bus_container *c;
3002         int r;
3003
3004         if (!m)
3005                 return -EINVAL;
3006         if (!m->sealed)
3007                 return -EPERM;
3008
3009         c = message_get_container(m);
3010
3011         if (!c->signature || c->signature[c->index] == 0)
3012                 goto eof;
3013
3014         if (message_end_of_array(m, m->rindex))
3015                 goto eof;
3016
3017         if (bus_type_is_basic(c->signature[c->index])) {
3018                 if (contents)
3019                         *contents = NULL;
3020                 if (type)
3021                         *type = c->signature[c->index];
3022                 return 1;
3023         }
3024
3025         if (c->signature[c->index] == SD_BUS_TYPE_ARRAY) {
3026
3027                 if (contents) {
3028                         size_t l;
3029                         char *sig;
3030
3031                         r = signature_element_length(c->signature+c->index+1, &l);
3032                         if (r < 0)
3033                                 return r;
3034
3035                         assert(l >= 1);
3036
3037                         sig = strndup(c->signature + c->index + 1, l);
3038                         if (!sig)
3039                                 return -ENOMEM;
3040
3041                         free(m->peeked_signature);
3042                         m->peeked_signature = sig;
3043
3044                         *contents = sig;
3045                 }
3046
3047                 if (type)
3048                         *type = SD_BUS_TYPE_ARRAY;
3049
3050                 return 1;
3051         }
3052
3053         if (c->signature[c->index] == SD_BUS_TYPE_STRUCT_BEGIN ||
3054             c->signature[c->index] == SD_BUS_TYPE_DICT_ENTRY_BEGIN) {
3055
3056                 if (contents) {
3057                         size_t l;
3058                         char *sig;
3059
3060                         r = signature_element_length(c->signature+c->index, &l);
3061                         if (r < 0)
3062                                 return r;
3063
3064                         assert(l >= 2);
3065                         sig = strndup(c->signature + c->index + 1, l - 2);
3066                         if (!sig)
3067                                 return -ENOMEM;
3068
3069                         free(m->peeked_signature);
3070                         m->peeked_signature = sig;
3071
3072                         *contents = sig;
3073                 }
3074
3075                 if (type)
3076                         *type = c->signature[c->index] == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY;
3077
3078                 return 1;
3079         }
3080
3081         if (c->signature[c->index] == SD_BUS_TYPE_VARIANT) {
3082                 if (contents) {
3083                         size_t rindex, l;
3084                         void *q;
3085
3086                         rindex = m->rindex;
3087                         r = message_peek_body(m, &rindex, 1, 1, &q);
3088                         if (r < 0)
3089                                 return r;
3090                         if (r == 0)
3091                                 goto eof;
3092
3093                         l = *(uint8_t*) q;
3094                         r = message_peek_body(m, &rindex, 1, l+1, &q);
3095                         if (r < 0)
3096                                 return r;
3097                         if (r == 0)
3098                                 return -EBADMSG;
3099
3100                         if (!validate_signature(q, l))
3101                                 return -EBADMSG;
3102
3103                         *contents = q;
3104                 }
3105
3106                 if (type)
3107                         *type = SD_BUS_TYPE_VARIANT;
3108
3109                 return 1;
3110         }
3111
3112         return -EINVAL;
3113
3114 eof:
3115         if (type)
3116                 *type = c->enclosing;
3117         if (contents)
3118                 *contents = NULL;
3119         return 0;
3120 }
3121
3122 int sd_bus_message_rewind(sd_bus_message *m, int complete) {
3123         struct bus_container *c;
3124
3125         if (!m)
3126                 return -EINVAL;
3127         if (!m->sealed)
3128                 return -EPERM;
3129
3130         if (complete) {
3131                 message_reset_containers(m);
3132                 m->rindex = 0;
3133                 m->root_container.index = 0;
3134
3135                 c = message_get_container(m);
3136         } else {
3137                 c = message_get_container(m);
3138
3139                 c->index = 0;
3140                 m->rindex = c->begin;
3141         }
3142
3143         return !isempty(c->signature);
3144 }
3145 static int message_read_ap(
3146                 sd_bus_message *m,
3147                 const char *types,
3148                 va_list ap) {
3149
3150         unsigned n_array, n_struct;
3151         TypeStack stack[BUS_CONTAINER_DEPTH];
3152         unsigned stack_ptr = 0;
3153         int r;
3154
3155         assert(m);
3156
3157         if (!types)
3158                 return 0;
3159
3160         /* Ideally, we'd just call ourselves recursively on every
3161          * complex type. However, the state of a va_list that is
3162          * passed to a function is undefined after that function
3163          * returns. This means we need to docode the va_list linearly
3164          * in a single stackframe. We hence implement our own
3165          * home-grown stack in an array. */
3166
3167         n_array = (unsigned) -1;
3168         n_struct = strlen(types);
3169
3170         for (;;) {
3171                 const char *t;
3172
3173                 if (n_array == 0 || (n_array == (unsigned) -1 && n_struct == 0)) {
3174                         r = type_stack_pop(stack, ELEMENTSOF(stack), &stack_ptr, &types, &n_struct, &n_array);
3175                         if (r < 0)
3176                                 return r;
3177                         if (r == 0)
3178                                 break;
3179
3180                         r = sd_bus_message_exit_container(m);
3181                         if (r < 0)
3182                                 return r;
3183
3184                         continue;
3185                 }
3186
3187                 t = types;
3188                 if (n_array != (unsigned) -1)
3189                         n_array --;
3190                 else {
3191                         types ++;
3192                         n_struct--;
3193                 }
3194
3195                 switch (*t) {
3196
3197                 case SD_BUS_TYPE_BYTE:
3198                 case SD_BUS_TYPE_BOOLEAN:
3199                 case SD_BUS_TYPE_INT16:
3200                 case SD_BUS_TYPE_UINT16:
3201                 case SD_BUS_TYPE_INT32:
3202                 case SD_BUS_TYPE_UINT32:
3203                 case SD_BUS_TYPE_INT64:
3204                 case SD_BUS_TYPE_UINT64:
3205                 case SD_BUS_TYPE_DOUBLE:
3206                 case SD_BUS_TYPE_STRING:
3207                 case SD_BUS_TYPE_OBJECT_PATH:
3208                 case SD_BUS_TYPE_SIGNATURE:
3209                 case SD_BUS_TYPE_UNIX_FD: {
3210                         void *p;
3211
3212                         p = va_arg(ap, void*);
3213                         r = sd_bus_message_read_basic(m, *t, p);
3214                         if (r < 0)
3215                                 return r;
3216                         if (r == 0)
3217                                 return -ENXIO;
3218
3219                         break;
3220                 }
3221
3222                 case SD_BUS_TYPE_ARRAY: {
3223                         size_t k;
3224
3225                         r = signature_element_length(t + 1, &k);
3226                         if (r < 0)
3227                                 return r;
3228
3229                         {
3230                                 char s[k + 1];
3231                                 memcpy(s, t + 1, k);
3232                                 s[k] = 0;
3233
3234                                 r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, s);
3235                                 if (r < 0)
3236                                         return r;
3237                                 if (r == 0)
3238                                         return -ENXIO;
3239                         }
3240
3241                         if (n_array == (unsigned) -1) {
3242                                 types += k;
3243                                 n_struct -= k;
3244                         }
3245
3246                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
3247                         if (r < 0)
3248                                 return r;
3249
3250                         types = t + 1;
3251                         n_struct = k;
3252                         n_array = va_arg(ap, unsigned);
3253
3254                         break;
3255                 }
3256
3257                 case SD_BUS_TYPE_VARIANT: {
3258                         const char *s;
3259
3260                         s = va_arg(ap, const char *);
3261                         if (!s)
3262                                 return -EINVAL;
3263
3264                         r = sd_bus_message_enter_container(m, SD_BUS_TYPE_VARIANT, s);
3265                         if (r < 0)
3266                                 return r;
3267                         if (r == 0)
3268                                 return -ENXIO;
3269
3270                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
3271                         if (r < 0)
3272                                 return r;
3273
3274                         types = s;
3275                         n_struct = strlen(s);
3276                         n_array = (unsigned) -1;
3277
3278                         break;
3279                 }
3280
3281                 case SD_BUS_TYPE_STRUCT_BEGIN:
3282                 case SD_BUS_TYPE_DICT_ENTRY_BEGIN: {
3283                         size_t k;
3284
3285                         r = signature_element_length(t, &k);
3286                         if (r < 0)
3287                                 return r;
3288
3289                         {
3290                                 char s[k - 1];
3291                                 memcpy(s, t + 1, k - 2);
3292                                 s[k - 2] = 0;
3293
3294                                 r = sd_bus_message_enter_container(m, *t == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY, s);
3295                                 if (r < 0)
3296                                         return r;
3297                                 if (r == 0)
3298                                         return -ENXIO;
3299                         }
3300
3301                         if (n_array == (unsigned) -1) {
3302                                 types += k - 1;
3303                                 n_struct -= k - 1;
3304                         }
3305
3306                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
3307                         if (r < 0)
3308                                 return r;
3309
3310                         types = t + 1;
3311                         n_struct = k - 2;
3312                         n_array = (unsigned) -1;
3313
3314                         break;
3315                 }
3316
3317                 default:
3318                         return -EINVAL;
3319                 }
3320         }
3321
3322         return 1;
3323 }
3324
3325 int sd_bus_message_read(sd_bus_message *m, const char *types, ...) {
3326         va_list ap;
3327         int r;
3328
3329         if (!m)
3330                 return -EINVAL;
3331         if (!m->sealed)
3332                 return -EPERM;
3333         if (!types)
3334                 return -EINVAL;
3335
3336         va_start(ap, types);
3337         r = message_read_ap(m, types, ap);
3338         va_end(ap);
3339
3340         return r;
3341 }
3342
3343 int sd_bus_message_read_array(sd_bus_message *m, char type, const void **ptr, size_t *size) {
3344         struct bus_container *c;
3345         void *p;
3346         size_t sz;
3347         ssize_t align;
3348         int r;
3349
3350         if (!m)
3351                 return -EINVAL;
3352         if (!m->sealed)
3353                 return -EPERM;
3354         if (!bus_type_is_trivial(type))
3355                 return -EINVAL;
3356         if (!ptr)
3357                 return -EINVAL;
3358         if (!size)
3359                 return -EINVAL;
3360         if (BUS_MESSAGE_NEED_BSWAP(m))
3361                 return -ENOTSUP;
3362
3363         align = bus_type_get_alignment(type);
3364         if (align < 0)
3365                 return align;
3366
3367         r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
3368         if (r <= 0)
3369                 return r;
3370
3371         c = message_get_container(m);
3372         sz = BUS_MESSAGE_BSWAP32(m, *c->array_size);
3373
3374         r = message_peek_body(m, &m->rindex, align, sz, &p);
3375         if (r < 0)
3376                 goto fail;
3377         if (r == 0) {
3378                 r = -EBADMSG;
3379                 goto fail;
3380         }
3381
3382         r = sd_bus_message_exit_container(m);
3383         if (r < 0)
3384                 goto fail;
3385
3386         *ptr = (const void*) p;
3387         *size = sz;
3388
3389         return 1;
3390
3391 fail:
3392         message_quit_container(m);
3393         return r;
3394 }
3395
3396 static int message_peek_fields(
3397                 sd_bus_message *m,
3398                 size_t *rindex,
3399                 size_t align,
3400                 size_t nbytes,
3401                 void **ret) {
3402
3403         assert(m);
3404         assert(rindex);
3405         assert(align > 0);
3406
3407         return buffer_peek(BUS_MESSAGE_FIELDS(m), BUS_MESSAGE_FIELDS_SIZE(m), rindex, align, nbytes, ret);
3408 }
3409
3410 static int message_peek_field_uint32(
3411                 sd_bus_message *m,
3412                 size_t *ri,
3413                 uint32_t *ret) {
3414
3415         int r;
3416         void *q;
3417
3418         assert(m);
3419         assert(ri);
3420
3421         r = message_peek_fields(m, ri, 4, 4, &q);
3422         if (r < 0)
3423                 return r;
3424
3425         if (ret)
3426                 *ret = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
3427
3428         return 0;
3429 }
3430
3431 static int message_peek_field_string(
3432                 sd_bus_message *m,
3433                 bool (*validate)(const char *p),
3434                 size_t *ri,
3435                 const char **ret) {
3436
3437         uint32_t l;
3438         int r;
3439         void *q;
3440
3441         assert(m);
3442         assert(ri);
3443
3444         r = message_peek_field_uint32(m, ri, &l);
3445         if (r < 0)
3446                 return r;
3447
3448         r = message_peek_fields(m, ri, 1, l+1, &q);
3449         if (r < 0)
3450                 return r;
3451
3452         if (validate) {
3453                 if (!validate_nul(q, l))
3454                         return -EBADMSG;
3455
3456                 if (!validate(q))
3457                         return -EBADMSG;
3458         } else {
3459                 if (!validate_string(q, l))
3460                         return -EBADMSG;
3461         }
3462
3463         if (ret)
3464                 *ret = q;
3465
3466         return 0;
3467 }
3468
3469 static int message_peek_field_signature(
3470                 sd_bus_message *m,
3471                 size_t *ri,
3472                 const char **ret) {
3473
3474         size_t l;
3475         int r;
3476         void *q;
3477
3478         assert(m);
3479         assert(ri);
3480
3481         r = message_peek_fields(m, ri, 1, 1, &q);
3482         if (r < 0)
3483                 return r;
3484
3485         l = *(uint8_t*) q;
3486         r = message_peek_fields(m, ri, 1, l+1, &q);
3487         if (r < 0)
3488                 return r;
3489
3490         if (!validate_signature(q, l))
3491                 return -EBADMSG;
3492
3493         if (ret)
3494                 *ret = q;
3495
3496         return 0;
3497 }
3498
3499 static int message_skip_fields(
3500                 sd_bus_message *m,
3501                 size_t *ri,
3502                 uint32_t array_size,
3503                 const char **signature) {
3504
3505         size_t original_index;
3506         int r;
3507
3508         assert(m);
3509         assert(ri);
3510         assert(signature);
3511
3512         original_index = *ri;
3513
3514         for (;;) {
3515                 char t;
3516                 size_t l;
3517
3518                 if (array_size != (uint32_t) -1 &&
3519                     array_size <= *ri - original_index)
3520                         return 0;
3521
3522                 t = **signature;
3523                 if (!t)
3524                         return 0;
3525
3526                 if (t == SD_BUS_TYPE_STRING) {
3527
3528                         r = message_peek_field_string(m, NULL, ri, NULL);
3529                         if (r < 0)
3530                                 return r;
3531
3532                         (*signature)++;
3533
3534                 } else if (t == SD_BUS_TYPE_OBJECT_PATH) {
3535
3536                         r = message_peek_field_string(m, object_path_is_valid, ri, NULL);
3537                         if (r < 0)
3538                                 return r;
3539
3540                         (*signature)++;
3541
3542                 } else if (t == SD_BUS_TYPE_SIGNATURE) {
3543
3544                         r = message_peek_field_signature(m, ri, NULL);
3545                         if (r < 0)
3546                                 return r;
3547
3548                         (*signature)++;
3549
3550                 } else if (bus_type_is_basic(t)) {
3551                         ssize_t align, k;
3552
3553                         align = bus_type_get_alignment(t);
3554                         k = bus_type_get_size(t);
3555                         assert(align > 0 && k > 0);
3556
3557                         r = message_peek_fields(m, ri, align, k, NULL);
3558                         if (r < 0)
3559                                 return r;
3560
3561                         (*signature)++;
3562
3563                 } else if (t == SD_BUS_TYPE_ARRAY) {
3564
3565                         r = signature_element_length(*signature+1, &l);
3566                         if (r < 0)
3567                                 return r;
3568
3569                         assert(l >= 1);
3570                         {
3571                                 char sig[l-1], *s;
3572                                 uint32_t nas;
3573                                 int alignment;
3574
3575                                 strncpy(sig, *signature + 1, l-1);
3576                                 s = sig;
3577
3578                                 alignment = bus_type_get_alignment(sig[0]);
3579                                 if (alignment < 0)
3580                                         return alignment;
3581
3582                                 r = message_peek_field_uint32(m, ri, &nas);
3583                                 if (r < 0)
3584                                         return r;
3585                                 if (nas > BUS_ARRAY_MAX_SIZE)
3586                                         return -EBADMSG;
3587
3588                                 r = message_peek_fields(m, ri, alignment, 0, NULL);
3589                                 if (r < 0)
3590                                         return r;
3591
3592                                 r = message_skip_fields(m, ri, nas, (const char**) &s);
3593                                 if (r < 0)
3594                                         return r;
3595                         }
3596
3597                         (*signature) += 1 + l;
3598
3599                 } else if (t == SD_BUS_TYPE_VARIANT) {
3600                         const char *s;
3601
3602                         r = message_peek_field_signature(m, ri, &s);
3603                         if (r < 0)
3604                                 return r;
3605
3606                         r = message_skip_fields(m, ri, (uint32_t) -1, (const char**) &s);
3607                         if (r < 0)
3608                                 return r;
3609
3610                         (*signature)++;
3611
3612                 } else if (t == SD_BUS_TYPE_STRUCT ||
3613                            t == SD_BUS_TYPE_DICT_ENTRY) {
3614
3615                         r = signature_element_length(*signature, &l);
3616                         if (r < 0)
3617                                 return r;
3618
3619                         assert(l >= 2);
3620                         {
3621                                 char sig[l-1], *s;
3622                                 strncpy(sig, *signature + 1, l-1);
3623                                 s = sig;
3624
3625                                 r = message_skip_fields(m, ri, (uint32_t) -1, (const char**) &s);
3626                                 if (r < 0)
3627                                         return r;
3628                         }
3629
3630                         *signature += l;
3631                 } else
3632                         return -EINVAL;
3633         }
3634 }
3635
3636 int bus_message_parse_fields(sd_bus_message *m) {
3637         size_t ri;
3638         int r;
3639         uint32_t unix_fds = 0;
3640
3641         assert(m);
3642
3643         for (ri = 0; ri < BUS_MESSAGE_FIELDS_SIZE(m); ) {
3644                 const char *signature;
3645                 uint8_t *header;
3646
3647                 r = message_peek_fields(m, &ri, 8, 1, (void**) &header);
3648                 if (r < 0)
3649                         return r;
3650
3651                 r = message_peek_field_signature(m, &ri, &signature);
3652                 if (r < 0)
3653                         return r;
3654
3655                 switch (*header) {
3656                 case _SD_BUS_MESSAGE_HEADER_INVALID:
3657                         return -EBADMSG;
3658
3659                 case SD_BUS_MESSAGE_HEADER_PATH:
3660
3661                         if (m->path)
3662                                 return -EBADMSG;
3663
3664                         if (!streq(signature, "o"))
3665                                 return -EBADMSG;
3666
3667                         r = message_peek_field_string(m, object_path_is_valid, &ri, &m->path);
3668                         break;
3669
3670                 case SD_BUS_MESSAGE_HEADER_INTERFACE:
3671
3672                         if (m->interface)
3673                                 return -EBADMSG;
3674
3675                         if (!streq(signature, "s"))
3676                                 return -EBADMSG;
3677
3678                         r = message_peek_field_string(m, interface_name_is_valid, &ri, &m->interface);
3679                         break;
3680
3681                 case SD_BUS_MESSAGE_HEADER_MEMBER:
3682
3683                         if (m->member)
3684                                 return -EBADMSG;
3685
3686                         if (!streq(signature, "s"))
3687                                 return -EBADMSG;
3688
3689                         r = message_peek_field_string(m, member_name_is_valid, &ri, &m->member);
3690                         break;
3691
3692                 case SD_BUS_MESSAGE_HEADER_ERROR_NAME:
3693
3694                         if (m->error.name)
3695                                 return -EBADMSG;
3696
3697                         if (!streq(signature, "s"))
3698                                 return -EBADMSG;
3699
3700                         r = message_peek_field_string(m, error_name_is_valid, &ri, &m->error.name);
3701                         break;
3702
3703                 case SD_BUS_MESSAGE_HEADER_DESTINATION:
3704
3705                         if (m->destination)
3706                                 return -EBADMSG;
3707
3708                         if (!streq(signature, "s"))
3709                                 return -EBADMSG;
3710
3711                         r = message_peek_field_string(m, service_name_is_valid, &ri, &m->destination);
3712                         break;
3713
3714                 case SD_BUS_MESSAGE_HEADER_SENDER:
3715
3716                         if (m->sender)
3717                                 return -EBADMSG;
3718
3719                         if (!streq(signature, "s"))
3720                                 return -EBADMSG;
3721
3722                         r = message_peek_field_string(m, service_name_is_valid, &ri, &m->sender);
3723                         break;
3724
3725
3726                 case SD_BUS_MESSAGE_HEADER_SIGNATURE: {
3727                         const char *s;
3728                         char *c;
3729
3730                         if (m->root_container.signature)
3731                                 return -EBADMSG;
3732
3733                         if (!streq(signature, "g"))
3734                                 return -EBADMSG;
3735
3736                         r = message_peek_field_signature(m, &ri, &s);
3737                         if (r < 0)
3738                                 return r;
3739
3740                         c = strdup(s);
3741                         if (!c)
3742                                 return -ENOMEM;
3743
3744                         free(m->root_container.signature);
3745                         m->root_container.signature = c;
3746                         break;