chiark / gitweb /
bus: properly handle message bodies that are a chain of memory areas rather than...
[elogind.git] / src / libsystemd-bus / bus-message.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4   This file is part of systemd.
5
6   Copyright 2013 Lennart Poettering
7
8   systemd is free software; you can redistribute it and/or modify it
9   under the terms of the GNU Lesser General Public License as published by
10   the Free Software Foundation; either version 2.1 of the License, or
11   (at your option) any later version.
12
13   systemd is distributed in the hope that it will be useful, but
14   WITHOUT ANY WARRANTY; without even the implied warranty of
15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16   Lesser General Public License for more details.
17
18   You should have received a copy of the GNU Lesser General Public License
19   along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <sys/mman.h>
25
26 #include "util.h"
27 #include "utf8.h"
28 #include "strv.h"
29 #include "time-util.h"
30 #include "cgroup-util.h"
31
32 #include "sd-bus.h"
33 #include "bus-message.h"
34 #include "bus-internal.h"
35 #include "bus-type.h"
36 #include "bus-signature.h"
37
38 static int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored);
39
40 static void *adjust_pointer(const void *p, void *old_base, size_t sz, void *new_base) {
41
42         if (p == NULL)
43                 return NULL;
44
45         if (old_base == new_base)
46                 return (void*) p;
47
48         if ((uint8_t*) p < (uint8_t*) old_base)
49                 return (void*) p;
50
51         if ((uint8_t*) p >= (uint8_t*) old_base + sz)
52                 return (void*) p;
53
54         return (uint8_t*) new_base + ((uint8_t*) p - (uint8_t*) old_base);
55 }
56
57 static void message_free_part(sd_bus_message *m, struct bus_body_part *part) {
58         assert(m);
59         assert(part);
60
61         if (part->memfd >= 0) {
62
63                 if (!part->sealed)
64                         bus_kernel_push_memfd(m->bus, part->memfd, part->data, part->mapped);
65                 else {
66                         if (part->size > 0)
67                                 assert_se(munmap(part->data, PAGE_ALIGN(part->size)) == 0);
68
69                         close_nointr_nofail(part->memfd);
70                 }
71
72         } else if (part->free_this)
73                 free(part->data);
74
75         if (part != &m->body)
76                 free(part);
77 }
78
79 static void message_reset_parts(sd_bus_message *m) {
80         struct bus_body_part *part;
81
82         assert(m);
83
84         part = &m->body;
85         while (m->n_body_parts > 0) {
86                 struct bus_body_part *next = part->next;
87                 message_free_part(m, part);
88                 part = next;
89                 m->n_body_parts--;
90         }
91
92         m->body_end = NULL;
93
94         m->cached_rindex_part = NULL;
95         m->cached_rindex_part_begin = 0;
96 }
97
98 static void message_reset_containers(sd_bus_message *m) {
99         unsigned i;
100
101         assert(m);
102
103         for (i = 0; i < m->n_containers; i++)
104                 free(m->containers[i].signature);
105
106         free(m->containers);
107         m->containers = NULL;
108
109         m->n_containers = 0;
110         m->root_container.index = 0;
111 }
112
113 static void message_free(sd_bus_message *m) {
114         assert(m);
115
116         if (m->free_header)
117                 free(m->header);
118
119         if (m->free_fields)
120                 free(m->fields);
121
122         message_reset_parts(m);
123
124         if (m->free_kdbus)
125                 free(m->kdbus);
126
127         if (m->release_kdbus)
128                 ioctl(m->bus->input_fd, KDBUS_CMD_MSG_RELEASE, m->kdbus);
129
130         if (m->free_fds) {
131                 close_many(m->fds, m->n_fds);
132                 free(m->fds);
133         }
134
135         if (m->bus)
136                 sd_bus_unref(m->bus);
137
138         if (m->iovec != m->iovec_fixed)
139                 free(m->iovec);
140
141         free(m->cmdline_array);
142
143         message_reset_containers(m);
144         free(m->root_container.signature);
145
146         free(m->peeked_signature);
147
148         free(m->unit);
149         free(m->user_unit);
150         free(m->session);
151         free(m);
152 }
153
154 static void* buffer_extend(void **p, uint32_t *sz, size_t align, size_t extend) {
155         size_t start, end;
156         void *k;
157
158         assert(p);
159         assert(sz);
160         assert(align > 0);
161
162         start = ALIGN_TO((size_t) *sz, align);
163         end = start + extend;
164
165         if (end == *sz)
166                 return (uint8_t*) *p + start;
167
168         if (end > (size_t) ((uint32_t) -1))
169                 return NULL;
170
171         k = realloc(*p, end);
172         if (!k)
173                 return NULL;
174
175         /* Zero out padding */
176         if (start > *sz)
177                 memset((uint8_t*) k + *sz, 0, start - *sz);
178
179         *p = k;
180         *sz = end;
181
182         return (uint8_t*) k + start;
183 }
184
185 static void *message_extend_fields(sd_bus_message *m, size_t align, size_t sz) {
186         void *p, *op;
187         size_t os;
188
189         assert(m);
190
191         if (m->poisoned)
192                 return NULL;
193
194         op = m->fields;
195         os = m->header->fields_size;
196
197         p = buffer_extend(&m->fields, &m->header->fields_size, align, sz);
198         if (!p) {
199                 m->poisoned = true;
200                 return NULL;
201         }
202
203         /* Adjust quick access pointers */
204         m->path = adjust_pointer(m->path, op, os, m->fields);
205         m->interface = adjust_pointer(m->interface, op, os, m->fields);
206         m->member = adjust_pointer(m->member, op, os, m->fields);
207         m->destination = adjust_pointer(m->destination, op, os, m->fields);
208         m->sender = adjust_pointer(m->sender, op, os, m->fields);
209         m->error.name = adjust_pointer(m->error.name, op, os, m->fields);
210
211         m->free_fields = true;
212
213         return p;
214 }
215
216 static int message_append_field_string(
217                 sd_bus_message *m,
218                 uint8_t h,
219                 char type,
220                 const char *s,
221                 const char **ret) {
222
223         size_t l;
224         uint8_t *p;
225
226         assert(m);
227
228         l = strlen(s);
229         if (l > (size_t) (uint32_t) -1)
230                 return -EINVAL;
231
232         /* field id byte + signature length + signature 's' + NUL + string length + string + NUL */
233         p = message_extend_fields(m, 8, 4 + 4 + l + 1);
234         if (!p)
235                 return -ENOMEM;
236
237         p[0] = h;
238         p[1] = 1;
239         p[2] = type;
240         p[3] = 0;
241
242         ((uint32_t*) p)[1] = l;
243         memcpy(p + 8, s, l + 1);
244
245         if (ret)
246                 *ret = (char*) p + 8;
247
248         return 0;
249 }
250
251 static int message_append_field_signature(
252                 sd_bus_message *m,
253                 uint8_t h,
254                 const char *s,
255                 const char **ret) {
256
257         size_t l;
258         uint8_t *p;
259
260         assert(m);
261
262         l = strlen(s);
263         if (l > 255)
264                 return -EINVAL;
265
266         /* field id byte + signature length + signature 'g' + NUL + string length + string + NUL */
267         p = message_extend_fields(m, 8, 4 + 1 + l + 1);
268         if (!p)
269                 return -ENOMEM;
270
271         p[0] = h;
272         p[1] = 1;
273         p[2] = SD_BUS_TYPE_SIGNATURE;
274         p[3] = 0;
275         p[4] = l;
276         memcpy(p + 5, s, l + 1);
277
278         if (ret)
279                 *ret = (const char*) p + 5;
280
281         return 0;
282 }
283
284 static int message_append_field_uint32(sd_bus_message *m, uint8_t h, uint32_t x) {
285         uint8_t *p;
286
287         assert(m);
288
289         /* field id byte + signature length + signature 'u' + NUL + value */
290         p = message_extend_fields(m, 8, 4 + 4);
291         if (!p)
292                 return -ENOMEM;
293
294         p[0] = h;
295         p[1] = 1;
296         p[2] = SD_BUS_TYPE_UINT32;
297         p[3] = 0;
298
299         ((uint32_t*) p)[1] = x;
300
301         return 0;
302 }
303
304 int bus_message_from_header(
305                 void *buffer,
306                 size_t length,
307                 int *fds,
308                 unsigned n_fds,
309                 const struct ucred *ucred,
310                 const char *label,
311                 size_t extra,
312                 sd_bus_message **ret) {
313
314         sd_bus_message *m;
315         struct bus_header *h;
316         size_t a, label_sz;
317
318         assert(buffer || length <= 0);
319         assert(fds || n_fds <= 0);
320         assert(ret);
321
322         if (length < sizeof(struct bus_header))
323                 return -EBADMSG;
324
325         h = buffer;
326         if (h->version != 1)
327                 return -EBADMSG;
328
329         if (h->serial == 0)
330                 return -EBADMSG;
331
332         if (h->type == _SD_BUS_MESSAGE_TYPE_INVALID)
333                 return -EBADMSG;
334
335         if (h->endian != SD_BUS_LITTLE_ENDIAN &&
336             h->endian != SD_BUS_BIG_ENDIAN)
337                 return -EBADMSG;
338
339         a = ALIGN(sizeof(sd_bus_message)) + ALIGN(extra);
340
341         if (label) {
342                 label_sz = strlen(label);
343                 a += label_sz + 1;
344         }
345
346         m = malloc0(a);
347         if (!m)
348                 return -ENOMEM;
349
350         m->n_ref = 1;
351         m->sealed = true;
352         m->header = h;
353         m->fds = fds;
354         m->n_fds = n_fds;
355
356         if (ucred) {
357                 m->uid = ucred->uid;
358                 m->pid = ucred->pid;
359                 m->gid = ucred->gid;
360                 m->uid_valid = m->gid_valid = true;
361         }
362
363         if (label) {
364                 m->label = (char*) m + ALIGN(sizeof(sd_bus_message)) + ALIGN(extra);
365                 memcpy(m->label, label, label_sz + 1);
366         }
367
368         *ret = m;
369         return 0;
370 }
371
372 int bus_message_from_malloc(
373                 void *buffer,
374                 size_t length,
375                 int *fds,
376                 unsigned n_fds,
377                 const struct ucred *ucred,
378                 const char *label,
379                 sd_bus_message **ret) {
380
381         sd_bus_message *m;
382         int r;
383
384         r = bus_message_from_header(buffer, length, fds, n_fds, ucred, label, 0, &m);
385         if (r < 0)
386                 return r;
387
388         if (length != BUS_MESSAGE_SIZE(m)) {
389                 r = -EBADMSG;
390                 goto fail;
391         }
392
393         m->fields = (uint8_t*) buffer + sizeof(struct bus_header);
394
395         m->n_body_parts = 1;
396         m->body.data = (uint8_t*) buffer + sizeof(struct bus_header) + ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m));
397         m->body.size = length - sizeof(struct bus_header) - ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m));
398         m->body.sealed = true;
399         m->body.memfd = -1;
400
401         m->n_iovec = 1;
402         m->iovec = m->iovec_fixed;
403         m->iovec[0].iov_base = buffer;
404         m->iovec[0].iov_len = length;
405
406         r = bus_message_parse_fields(m);
407         if (r < 0)
408                 goto fail;
409
410         /* We take possession of the memory and fds now */
411         m->free_header = true;
412         m->free_fds = true;
413
414         *ret = m;
415         return 0;
416
417 fail:
418         message_free(m);
419         return r;
420 }
421
422 static sd_bus_message *message_new(sd_bus *bus, uint8_t type) {
423         sd_bus_message *m;
424
425         m = malloc0(ALIGN(sizeof(sd_bus_message)) + sizeof(struct bus_header));
426         if (!m)
427                 return NULL;
428
429         m->n_ref = 1;
430         m->header = (struct bus_header*) ((uint8_t*) m + ALIGN(sizeof(struct sd_bus_message)));
431         m->header->endian = SD_BUS_NATIVE_ENDIAN;
432         m->header->type = type;
433         m->header->version = bus ? bus->message_version : 1;
434         m->allow_fds = !bus || bus->can_fds || (bus->state != BUS_HELLO && bus->state != BUS_RUNNING);
435
436         return m;
437 }
438
439 int sd_bus_message_new_signal(
440                 sd_bus *bus,
441                 const char *path,
442                 const char *interface,
443                 const char *member,
444                 sd_bus_message **m) {
445
446         sd_bus_message *t;
447         int r;
448
449         if (!path)
450                 return -EINVAL;
451         if (!interface)
452                 return -EINVAL;
453         if (!member)
454                 return -EINVAL;
455         if (!m)
456                 return -EINVAL;
457         if (bus && bus->state == BUS_UNSET)
458                 return -ENOTCONN;
459
460         t = message_new(bus, SD_BUS_MESSAGE_TYPE_SIGNAL);
461         if (!t)
462                 return -ENOMEM;
463
464         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
465
466         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_PATH, SD_BUS_TYPE_OBJECT_PATH, path, &t->path);
467         if (r < 0)
468                 goto fail;
469         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_INTERFACE, SD_BUS_TYPE_STRING, interface, &t->interface);
470         if (r < 0)
471                 goto fail;
472         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_MEMBER, SD_BUS_TYPE_STRING, member, &t->member);
473         if (r < 0)
474                 goto fail;
475
476         *m = t;
477         return 0;
478
479 fail:
480         sd_bus_message_unref(t);
481         return r;
482 }
483
484 int sd_bus_message_new_method_call(
485                 sd_bus *bus,
486                 const char *destination,
487                 const char *path,
488                 const char *interface,
489                 const char *member,
490                 sd_bus_message **m) {
491
492         sd_bus_message *t;
493         int r;
494
495         if (!path)
496                 return -EINVAL;
497         if (!member)
498                 return -EINVAL;
499         if (!m)
500                 return -EINVAL;
501         if (bus && bus->state == BUS_UNSET)
502                 return -ENOTCONN;
503
504         t = message_new(bus, SD_BUS_MESSAGE_TYPE_METHOD_CALL);
505         if (!t)
506                 return -ENOMEM;
507
508         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_PATH, SD_BUS_TYPE_OBJECT_PATH, path, &t->path);
509         if (r < 0)
510                 goto fail;
511         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_MEMBER, SD_BUS_TYPE_STRING, member, &t->member);
512         if (r < 0)
513                 goto fail;
514
515         if (interface) {
516                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_INTERFACE, SD_BUS_TYPE_STRING, interface, &t->interface);
517                 if (r < 0)
518                         goto fail;
519         }
520
521         if (destination) {
522                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, destination, &t->destination);
523                 if (r < 0)
524                         goto fail;
525         }
526
527         *m = t;
528         return 0;
529
530 fail:
531         message_free(t);
532         return r;
533 }
534
535 static int message_new_reply(
536                 sd_bus *bus,
537                 sd_bus_message *call,
538                 uint8_t type,
539                 sd_bus_message **m) {
540
541         sd_bus_message *t;
542         int r;
543
544         if (!call)
545                 return -EINVAL;
546         if (!call->sealed)
547                 return -EPERM;
548         if (call->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
549                 return -EINVAL;
550         if (!m)
551                 return -EINVAL;
552         if (bus && bus->state == BUS_UNSET)
553                 return -ENOTCONN;
554
555         t = message_new(bus, type);
556         if (!t)
557                 return -ENOMEM;
558
559         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
560         t->reply_serial = BUS_MESSAGE_SERIAL(call);
561
562         r = message_append_field_uint32(t, SD_BUS_MESSAGE_HEADER_REPLY_SERIAL, t->reply_serial);
563         if (r < 0)
564                 goto fail;
565
566         if (call->sender) {
567                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, call->sender, &t->sender);
568                 if (r < 0)
569                         goto fail;
570         }
571
572         t->dont_send = !!(call->header->flags & SD_BUS_MESSAGE_NO_REPLY_EXPECTED);
573
574         *m = t;
575         return 0;
576
577 fail:
578         message_free(t);
579         return r;
580 }
581
582 int sd_bus_message_new_method_return(
583                 sd_bus *bus,
584                 sd_bus_message *call,
585                 sd_bus_message **m) {
586
587         return message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_RETURN, m);
588 }
589
590 int sd_bus_message_new_method_error(
591                 sd_bus *bus,
592                 sd_bus_message *call,
593                 const sd_bus_error *e,
594                 sd_bus_message **m) {
595
596         sd_bus_message *t;
597         int r;
598
599         if (!sd_bus_error_is_set(e))
600                 return -EINVAL;
601         if (!m)
602                 return -EINVAL;
603
604         r = message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_ERROR, &t);
605         if (r < 0)
606                 return r;
607
608         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_ERROR_NAME, SD_BUS_TYPE_STRING, e->name, &t->error.name);
609         if (r < 0)
610                 goto fail;
611
612         if (e->message) {
613                 r = message_append_basic(t, SD_BUS_TYPE_STRING, e->message, (const void**) &t->error.message);
614                 if (r < 0)
615                         goto fail;
616         }
617
618         *m = t;
619         return 0;
620
621 fail:
622         message_free(t);
623         return r;
624 }
625
626 sd_bus_message* sd_bus_message_ref(sd_bus_message *m) {
627         if (!m)
628                 return NULL;
629
630         assert(m->n_ref > 0);
631         m->n_ref++;
632
633         return m;
634 }
635
636 sd_bus_message* sd_bus_message_unref(sd_bus_message *m) {
637         if (!m)
638                 return NULL;
639
640         assert(m->n_ref > 0);
641         m->n_ref--;
642
643         if (m->n_ref <= 0)
644                 message_free(m);
645
646         return NULL;
647 }
648
649 int sd_bus_message_get_type(sd_bus_message *m, uint8_t *type) {
650         if (!m)
651                 return -EINVAL;
652         if (!type)
653                 return -EINVAL;
654
655         *type = m->header->type;
656         return 0;
657 }
658
659 int sd_bus_message_get_serial(sd_bus_message *m, uint64_t *serial) {
660         if (!m)
661                 return -EINVAL;
662         if (!serial)
663                 return -EINVAL;
664         if (m->header->serial == 0)
665                 return -ENOENT;
666
667         *serial = BUS_MESSAGE_SERIAL(m);
668         return 0;
669 }
670
671 int sd_bus_message_get_reply_serial(sd_bus_message *m, uint64_t *serial) {
672         if (!m)
673                 return -EINVAL;
674         if (!serial)
675                 return -EINVAL;
676         if (m->reply_serial == 0)
677                 return -ENOENT;
678
679         *serial = m->reply_serial;
680         return 0;
681 }
682
683 int sd_bus_message_get_no_reply(sd_bus_message *m) {
684         if (!m)
685                 return -EINVAL;
686
687         return m->header->type == SD_BUS_MESSAGE_TYPE_METHOD_CALL ? !!(m->header->flags & SD_BUS_MESSAGE_NO_REPLY_EXPECTED) : 0;
688 }
689
690 const char *sd_bus_message_get_path(sd_bus_message *m) {
691         if (!m)
692                 return NULL;
693
694         return m->path;
695 }
696
697 const char *sd_bus_message_get_interface(sd_bus_message *m) {
698         if (!m)
699                 return NULL;
700
701         return m->interface;
702 }
703
704 const char *sd_bus_message_get_member(sd_bus_message *m) {
705         if (!m)
706                 return NULL;
707
708         return m->member;
709 }
710 const char *sd_bus_message_get_destination(sd_bus_message *m) {
711         if (!m)
712                 return NULL;
713
714         return m->destination;
715 }
716
717 const char *sd_bus_message_get_sender(sd_bus_message *m) {
718         if (!m)
719                 return NULL;
720
721         return m->sender;
722 }
723
724 const sd_bus_error *sd_bus_message_get_error(sd_bus_message *m) {
725         if (!m)
726                 return NULL;
727
728         if (!sd_bus_error_is_set(&m->error))
729                 return NULL;
730
731         return &m->error;
732 }
733
734 int sd_bus_message_get_uid(sd_bus_message *m, uid_t *uid) {
735         if (!m)
736                 return -EINVAL;
737         if (!uid)
738                 return -EINVAL;
739         if (!m->uid_valid)
740                 return -ESRCH;
741
742         *uid = m->uid;
743         return 0;
744 }
745
746 int sd_bus_message_get_gid(sd_bus_message *m, gid_t *gid) {
747         if (!m)
748                 return -EINVAL;
749         if (!gid)
750                 return -EINVAL;
751         if (!m->gid_valid)
752                 return -ESRCH;
753
754         *gid = m->gid;
755         return 0;
756 }
757
758 int sd_bus_message_get_pid(sd_bus_message *m, pid_t *pid) {
759         if (!m)
760                 return -EINVAL;
761         if (!pid)
762                 return -EINVAL;
763         if (m->pid <= 0)
764                 return -ESRCH;
765
766         *pid = m->pid;
767         return 0;
768 }
769
770 int sd_bus_message_get_tid(sd_bus_message *m, pid_t *tid) {
771         if (!m)
772                 return -EINVAL;
773         if (!tid)
774                 return -EINVAL;
775         if (m->tid <= 0)
776                 return -ESRCH;
777
778         *tid = m->tid;
779         return 0;
780 }
781
782 int sd_bus_message_get_pid_starttime(sd_bus_message *m, uint64_t *usec) {
783         if (!m)
784                 return -EINVAL;
785         if (!usec)
786                 return -EINVAL;
787         if (m->pid_starttime <= 0)
788                 return -ESRCH;
789
790         *usec = m->pid_starttime;
791         return 0;
792 }
793
794 int sd_bus_message_get_selinux_context(sd_bus_message *m, const char **ret) {
795         if (!m)
796                 return -EINVAL;
797         if (!m->label)
798                 return -ESRCH;
799
800         *ret = m->label;
801         return 0;
802 }
803
804 int sd_bus_message_get_monotonic_timestamp(sd_bus_message *m, uint64_t *usec) {
805         if (!m)
806                 return -EINVAL;
807         if (!usec)
808                 return -EINVAL;
809         if (m->monotonic <= 0)
810                 return -ESRCH;
811
812         *usec = m->monotonic;
813         return 0;
814 }
815
816 int sd_bus_message_get_realtime_timestamp(sd_bus_message *m, uint64_t *usec) {
817         if (!m)
818                 return -EINVAL;
819         if (!usec)
820                 return -EINVAL;
821         if (m->realtime <= 0)
822                 return -ESRCH;
823
824         *usec = m->realtime;
825         return 0;
826 }
827
828 int sd_bus_message_get_comm(sd_bus_message *m, const char **ret) {
829         if (!m)
830                 return -EINVAL;
831         if (!ret)
832                 return -EINVAL;
833         if (!m->comm)
834                 return -ESRCH;
835
836         *ret = m->comm;
837         return 0;
838 }
839
840 int sd_bus_message_get_tid_comm(sd_bus_message *m, const char **ret) {
841         if (!m)
842                 return -EINVAL;
843         if (!ret)
844                 return -EINVAL;
845         if (!m->tid_comm)
846                 return -ESRCH;
847
848         *ret = m->tid_comm;
849         return 0;
850 }
851
852 int sd_bus_message_get_exe(sd_bus_message *m, const char **ret) {
853         if (!m)
854                 return -EINVAL;
855         if (!ret)
856                 return -EINVAL;
857         if (!m->exe)
858                 return -ESRCH;
859
860         *ret = m->exe;
861         return 0;
862 }
863
864 int sd_bus_message_get_cgroup(sd_bus_message *m, const char **ret) {
865         if (!m)
866                 return -EINVAL;
867         if (!ret)
868                 return -EINVAL;
869         if (!m->cgroup)
870                 return -ESRCH;
871
872         *ret = m->cgroup;
873         return 0;
874 }
875
876 int sd_bus_message_get_unit(sd_bus_message *m, const char **ret) {
877         int r;
878
879         if (!m)
880                 return -EINVAL;
881         if (!ret)
882                 return -EINVAL;
883         if (!m->cgroup)
884                 return -ESRCH;
885
886         if (!m->unit) {
887                 r = cg_path_get_unit(m->cgroup, &m->unit);
888                 if (r < 0)
889                         return r;
890         }
891
892         *ret = m->unit;
893         return 0;
894 }
895
896 int sd_bus_message_get_user_unit(sd_bus_message *m, const char **ret) {
897         int r;
898
899         if (!m)
900                 return -EINVAL;
901         if (!ret)
902                 return -EINVAL;
903         if (!m->cgroup)
904                 return -ESRCH;
905
906         if (!m->user_unit) {
907                 r = cg_path_get_user_unit(m->cgroup, &m->user_unit);
908                 if (r < 0)
909                         return r;
910         }
911
912         *ret = m->user_unit;
913         return 0;
914 }
915
916 int sd_bus_message_get_session(sd_bus_message *m, const char **ret) {
917         int r;
918
919         if (!m)
920                 return -EINVAL;
921         if (!ret)
922                 return -EINVAL;
923         if (!m->cgroup)
924                 return -ESRCH;
925
926         if (!m->session) {
927                 r = cg_path_get_session(m->cgroup, &m->session);
928                 if (r < 0)
929                         return r;
930         }
931
932         *ret = m->session;
933         return 0;
934 }
935
936 int sd_bus_message_get_owner_uid(sd_bus_message *m, uid_t *uid) {
937         if (!m)
938                 return -EINVAL;
939         if (!uid)
940                 return -EINVAL;
941         if (!m->cgroup)
942                 return -ESRCH;
943
944         return cg_path_get_owner_uid(m->cgroup, uid);
945 }
946
947 int sd_bus_message_get_cmdline(sd_bus_message *m, char ***cmdline) {
948         size_t n, i;
949         const char *p;
950         bool first;
951
952         if (!m)
953                 return -EINVAL;
954
955         if (!m->cmdline)
956                 return -ENOENT;
957
958         for (p = m->cmdline, n = 0; p < m->cmdline + m->cmdline_length; p++)
959                 if (*p == 0)
960                         n++;
961
962         m->cmdline_array = new(char*, n + 1);
963         if (!m->cmdline_array)
964                 return -ENOMEM;
965
966         for (p = m->cmdline, i = 0, first = true; p < m->cmdline + m->cmdline_length; p++) {
967                 if (first)
968                         m->cmdline_array[i++] = (char*) p;
969
970                 first = *p == 0;
971         }
972
973         m->cmdline_array[i] = NULL;
974         *cmdline = m->cmdline_array;
975
976         return 0;
977 }
978
979 int sd_bus_message_get_audit_sessionid(sd_bus_message *m, uint32_t *sessionid) {
980         if (!m)
981                 return -EINVAL;
982         if (!sessionid)
983                 return -EINVAL;
984         if (!m->audit)
985                 return -ESRCH;
986
987         *sessionid = m->audit->sessionid;
988         return 0;
989 }
990
991 int sd_bus_message_get_audit_loginuid(sd_bus_message *m, uid_t *uid) {
992         if (!m)
993                 return -EINVAL;
994         if (!uid)
995                 return -EINVAL;
996         if (!m->audit)
997                 return -ESRCH;
998
999         *uid = m->audit->loginuid;
1000         return 0;
1001 }
1002
1003 int sd_bus_message_has_effective_cap(sd_bus_message *m, int capability) {
1004         unsigned sz;
1005
1006         if (!m)
1007                 return -EINVAL;
1008         if (capability < 0)
1009                 return -EINVAL;
1010         if (!m->capability)
1011                 return -ESRCH;
1012
1013         sz = m->capability_size / 4;
1014         if ((unsigned) capability >= sz*8)
1015                 return 0;
1016
1017         return !!(m->capability[2 * sz + (capability / 8)] & (1 << (capability % 8)));
1018 }
1019
1020 int sd_bus_message_is_signal(sd_bus_message *m, const char *interface, const char *member) {
1021         if (!m)
1022                 return -EINVAL;
1023
1024         if (m->header->type != SD_BUS_MESSAGE_TYPE_SIGNAL)
1025                 return 0;
1026
1027         if (interface && (!m->interface || !streq(m->interface, interface)))
1028                 return 0;
1029
1030         if (member &&  (!m->member || !streq(m->member, member)))
1031                 return 0;
1032
1033         return 1;
1034 }
1035
1036 int sd_bus_message_is_method_call(sd_bus_message *m, const char *interface, const char *member) {
1037         if (!m)
1038                 return -EINVAL;
1039
1040         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
1041                 return 0;
1042
1043         if (interface && (!m->interface || !streq(m->interface, interface)))
1044                 return 0;
1045
1046         if (member &&  (!m->member || !streq(m->member, member)))
1047                 return 0;
1048
1049         return 1;
1050 }
1051
1052 int sd_bus_message_is_method_error(sd_bus_message *m, const char *name) {
1053         if (!m)
1054                 return -EINVAL;
1055
1056         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_ERROR)
1057                 return 0;
1058
1059         if (name && (!m->error.name || !streq(m->error.name, name)))
1060                 return 0;
1061
1062         return 1;
1063 }
1064
1065 int sd_bus_message_set_no_reply(sd_bus_message *m, int b) {
1066         if (!m)
1067                 return -EINVAL;
1068         if (m->sealed)
1069                 return -EPERM;
1070         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
1071                 return -EPERM;
1072
1073         if (b)
1074                 m->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
1075         else
1076                 m->header->flags &= ~SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
1077
1078         return 0;
1079 }
1080
1081 static struct bus_container *message_get_container(sd_bus_message *m) {
1082         assert(m);
1083
1084         if (m->n_containers == 0)
1085                 return &m->root_container;
1086
1087         assert(m->containers);
1088         return m->containers + m->n_containers - 1;
1089 }
1090
1091 struct bus_body_part *message_append_part(sd_bus_message *m) {
1092         struct bus_body_part *part;
1093
1094         assert(m);
1095
1096         if (m->poisoned)
1097                 return NULL;
1098
1099         if (m->n_body_parts <= 0) {
1100                 part = &m->body;
1101                 zero(*part);
1102         } else {
1103                 assert(m->body_end);
1104
1105                 part = new0(struct bus_body_part, 1);
1106                 if (!part) {
1107                         m->poisoned = true;
1108                         return NULL;
1109                 }
1110
1111                 m->body_end->next = part;
1112         }
1113
1114         part->memfd = -1;
1115         m->body_end = part;
1116         m->n_body_parts ++;
1117
1118         return part;
1119 }
1120
1121 static void part_zero(struct bus_body_part *part, size_t sz) {
1122         assert(part);
1123         assert(sz > 0);
1124         assert(sz < 8);
1125
1126         part->data = NULL;
1127         part->size = sz;
1128 }
1129
1130 static int part_make_space(
1131                 struct sd_bus_message *m,
1132                 struct bus_body_part *part,
1133                 size_t sz,
1134                 void **q) {
1135
1136         void *n;
1137         int r;
1138
1139         assert(m);
1140         assert(part);
1141         assert(!part->sealed);
1142
1143         if (m->poisoned)
1144                 return -ENOMEM;
1145
1146         if (!part->data && part->memfd < 0)
1147                 part->memfd = bus_kernel_pop_memfd(m->bus, &part->data, &part->mapped);
1148
1149         if (part->memfd >= 0) {
1150                 uint64_t u = sz;
1151
1152                 r = ioctl(part->memfd, KDBUS_CMD_MEMFD_SIZE_SET, &u);
1153                 if (r < 0) {
1154                         m->poisoned = true;
1155                         return -errno;
1156                 }
1157
1158                 if (sz > part->mapped) {
1159                         size_t psz = PAGE_ALIGN(sz);
1160
1161                         if (part->mapped <= 0)
1162                                 n = mmap(NULL, psz, PROT_READ|PROT_WRITE, MAP_SHARED, part->memfd, 0);
1163                         else
1164                                 n = mremap(part->data, part->mapped, psz, MREMAP_MAYMOVE);
1165
1166                         if (n == MAP_FAILED) {
1167                                 m->poisoned = true;
1168                                 return -errno;
1169                         }
1170
1171                         part->mapped = psz;
1172                         part->data = n;
1173                 }
1174         } else {
1175                 n = realloc(part->data, sz);
1176                 if (!n) {
1177                         m->poisoned = true;
1178                         return -ENOMEM;
1179                 }
1180
1181                 part->data = n;
1182                 part->free_this = true;
1183         }
1184
1185         if (q)
1186                 *q = part->data ? (uint8_t*) part->data + part->size : NULL;
1187
1188         part->size = sz;
1189         return 0;
1190 }
1191
1192 static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz) {
1193         struct bus_container *c;
1194         struct bus_body_part *part = NULL;
1195         size_t start_body, end_body, padding, start_part, end_part, added;
1196         bool add_new_part;
1197         void *p;
1198         int r;
1199
1200         assert(m);
1201         assert(align > 0);
1202         assert(!m->sealed);
1203
1204         if (m->poisoned)
1205                 return NULL;
1206
1207         start_body = ALIGN_TO((size_t) m->header->body_size, align);
1208         end_body = start_body + sz;
1209
1210         padding = start_body - m->header->body_size;
1211         added = padding + sz;
1212
1213         /* Check for 32bit overflows */
1214         if (end_body > (size_t) ((uint32_t) -1)) {
1215                 m->poisoned = true;
1216                 return NULL;
1217         }
1218
1219         add_new_part =
1220                 m->n_body_parts <= 0 ||
1221                 m->body_end->sealed ||
1222                 padding != ALIGN_TO(m->body_end->size, align) - m->body_end->size;
1223
1224         if (add_new_part) {
1225                 if (padding > 0) {
1226                         part = message_append_part(m);
1227                         if (!part)
1228                                 return NULL;
1229
1230                         part_zero(part, padding);
1231                 }
1232
1233                 part = message_append_part(m);
1234                 if (!part)
1235                         return NULL;
1236
1237                 r = part_make_space(m, part, sz, &p);
1238                 if (r < 0)
1239                         return NULL;
1240         } else {
1241                 void *op;
1242                 size_t os;
1243
1244                 part = m->body_end;
1245                 op = part->data;
1246                 os = part->size;
1247
1248                 start_part = ALIGN_TO(part->size, align);
1249                 end_part = start_part + sz;
1250
1251                 r = part_make_space(m, part, end_part, &p);
1252                 if (r < 0)
1253                         return NULL;
1254
1255                 if (padding > 0) {
1256                         memset(p, 0, padding);
1257                         p = (uint8_t*) p + padding;
1258                 }
1259
1260                 /* Readjust pointers */
1261                 for (c = m->containers; c < m->containers + m->n_containers; c++)
1262                         c->array_size = adjust_pointer(c->array_size, op, os, part->data);
1263
1264                 m->error.message = (const char*) adjust_pointer(m->error.message, op, os, part->data);
1265         }
1266
1267         /* Update counters */
1268         for (c = m->containers; c < m->containers + m->n_containers; c++)
1269                 if (c->array_size)
1270                         *c->array_size += added;
1271
1272         m->header->body_size = end_body;
1273
1274         return p;
1275 }
1276
1277 int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored) {
1278         struct bus_container *c;
1279         ssize_t align, sz;
1280         uint32_t k;
1281         void *a;
1282         char *e = NULL;
1283         int fd = -1;
1284         uint32_t fdi = 0;
1285         int r;
1286
1287         if (!m)
1288                 return -EINVAL;
1289         if (!p)
1290                 return -EINVAL;
1291         if (m->sealed)
1292                 return -EPERM;
1293         if (!bus_type_is_basic(type))
1294                 return -EINVAL;
1295         if (m->poisoned)
1296                 return -ESTALE;
1297
1298         c = message_get_container(m);
1299
1300         if (c->signature && c->signature[c->index]) {
1301                 /* Container signature is already set */
1302
1303                 if (c->signature[c->index] != type)
1304                         return -ENXIO;
1305         } else {
1306                 /* Maybe we can append to the signature? But only if this is the top-level container*/
1307                 if (c->enclosing != 0)
1308                         return -ENXIO;
1309
1310                 e = strextend(&c->signature, CHAR_TO_STR(type), NULL);
1311                 if (!e) {
1312                         m->poisoned = true;
1313                         return -ENOMEM;
1314                 }
1315         }
1316
1317         switch (type) {
1318
1319         case SD_BUS_TYPE_STRING:
1320         case SD_BUS_TYPE_OBJECT_PATH:
1321
1322                 align = 4;
1323                 sz = 4 + strlen(p) + 1;
1324                 break;
1325
1326         case SD_BUS_TYPE_SIGNATURE:
1327
1328                 align = 1;
1329                 sz = 1 + strlen(p) + 1;
1330                 break;
1331
1332         case SD_BUS_TYPE_BOOLEAN:
1333                 align = sz = 4;
1334
1335                 assert_cc(sizeof(int) == sizeof(uint32_t));
1336                 memcpy(&k, p, 4);
1337                 k = !!k;
1338                 p = &k;
1339                 break;
1340
1341         case SD_BUS_TYPE_UNIX_FD: {
1342                 int z, *f;
1343
1344                 if (!m->allow_fds) {
1345                         r = -ENOTSUP;
1346                         goto fail;
1347                 }
1348
1349                 align = sz = 4;
1350
1351                 z = *(int*) p;
1352                 if (z < 0) {
1353                         r = -EINVAL;
1354                         goto fail;
1355                 }
1356
1357                 fd = fcntl(z, F_DUPFD_CLOEXEC, 3);
1358                 if (fd < 0) {
1359                         r = -errno;
1360                         goto fail;
1361                 }
1362
1363                 f = realloc(m->fds, sizeof(int) * (m->n_fds + 1));
1364                 if (!f) {
1365                         m->poisoned = true;
1366                         r = -ENOMEM;
1367                         goto fail;
1368                 }
1369
1370                 fdi = m->n_fds;
1371                 f[fdi] = fd;
1372                 m->fds = f;
1373                 m->free_fds = true;
1374                 break;
1375         }
1376
1377         default:
1378                 align = bus_type_get_alignment(type);
1379                 sz = bus_type_get_size(type);
1380                 break;
1381         }
1382
1383         assert(align > 0);
1384         assert(sz > 0);
1385
1386         a = message_extend_body(m, align, sz);
1387         if (!a) {
1388                 r = -ENOMEM;
1389                 goto fail;
1390         }
1391
1392         if (type == SD_BUS_TYPE_STRING || type == SD_BUS_TYPE_OBJECT_PATH) {
1393                 *(uint32_t*) a = sz - 5;
1394                 memcpy((uint8_t*) a + 4, p, sz - 4);
1395
1396                 if (stored)
1397                         *stored = (const uint8_t*) a + 4;
1398
1399         } else if (type == SD_BUS_TYPE_SIGNATURE) {
1400                 *(uint8_t*) a = sz - 1;
1401                 memcpy((uint8_t*) a + 1, p, sz - 1);
1402
1403                 if (stored)
1404                         *stored = (const uint8_t*) a + 1;
1405         } else if (type == SD_BUS_TYPE_UNIX_FD) {
1406                 *(uint32_t*) a = fdi;
1407
1408                 if (stored)
1409                         *stored = a;
1410
1411                 m->n_fds ++;
1412
1413         } else {
1414                 memcpy(a, p, sz);
1415
1416                 if (stored)
1417                         *stored = a;
1418         }
1419
1420         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1421                 c->index++;
1422
1423         return 0;
1424
1425 fail:
1426         if (fd >= 0)
1427                 close_nointr_nofail(fd);
1428
1429         return r;
1430 }
1431
1432 int sd_bus_message_append_basic(sd_bus_message *m, char type, const void *p) {
1433         return message_append_basic(m, type, p, NULL);
1434 }
1435
1436 int sd_bus_message_append_string_space(sd_bus_message *m, size_t size, char **s) {
1437         struct bus_container *c;
1438         char *e;
1439         void *a;
1440
1441         if (!m)
1442                 return -EINVAL;
1443         if (!s)
1444                 return -EINVAL;
1445         if (m->sealed)
1446                 return -EPERM;
1447         if (m->poisoned)
1448                 return -ESTALE;
1449
1450         c = message_get_container(m);
1451
1452         if (c->signature && c->signature[c->index]) {
1453                 /* Container signature is already set */
1454
1455                 if (c->signature[c->index] != SD_BUS_TYPE_STRING)
1456                         return -ENXIO;
1457         } else {
1458                 /* Maybe we can append to the signature? But only if this is the top-level container*/
1459                 if (c->enclosing != 0)
1460                         return -ENXIO;
1461
1462                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRING), NULL);
1463                 if (!e) {
1464                         m->poisoned = true;
1465                         return -ENOMEM;
1466                 }
1467         }
1468
1469
1470         a = message_extend_body(m, 4, 4 + size + 1);
1471         if (!a)
1472                 return -ENOMEM;
1473
1474         *(uint32_t*) a = size;
1475         *s = (char*) a + 4;
1476
1477         (*s)[size] = 0;
1478
1479         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1480                 c->index++;
1481
1482         return 0;
1483 }
1484
1485 static int bus_message_open_array(
1486                 sd_bus_message *m,
1487                 struct bus_container *c,
1488                 const char *contents,
1489                 uint32_t **array_size) {
1490
1491         unsigned nindex;
1492         char *e = NULL;
1493         void *a, *op;
1494         int alignment;
1495         size_t os;
1496         struct bus_body_part *o;
1497
1498         assert(m);
1499         assert(c);
1500         assert(contents);
1501         assert(array_size);
1502
1503         if (!signature_is_single(contents))
1504                 return -EINVAL;
1505
1506         alignment = bus_type_get_alignment(contents[0]);
1507         if (alignment < 0)
1508                 return alignment;
1509
1510         if (c->signature && c->signature[c->index]) {
1511
1512                 /* Verify the existing signature */
1513
1514                 if (c->signature[c->index] != SD_BUS_TYPE_ARRAY)
1515                         return -ENXIO;
1516
1517                 if (!startswith(c->signature + c->index + 1, contents))
1518                         return -ENXIO;
1519
1520                 nindex = c->index + 1 + strlen(contents);
1521         } else {
1522                 if (c->enclosing != 0)
1523                         return -ENXIO;
1524
1525                 /* Extend the existing signature */
1526
1527                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_ARRAY), contents, NULL);
1528                 if (!e) {
1529                         m->poisoned = true;
1530                         return -ENOMEM;
1531                 }
1532
1533                 nindex = e - c->signature;
1534         }
1535
1536         a = message_extend_body(m, 4, 4);
1537         if (!a)
1538                 return -ENOMEM;
1539
1540         o = m->body_end;
1541         op = m->body_end->data;
1542         os = m->body_end->size;
1543
1544         /* Add alignment between size and first element */
1545         if (!message_extend_body(m, alignment, 0))
1546                 return -ENOMEM;
1547
1548         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1549                 c->index = nindex;
1550
1551         /* location of array size might have changed so let's readjust a */
1552         if (o == m->body_end)
1553                 a = adjust_pointer(a, op, os, m->body_end->data);
1554
1555         *(uint32_t*) a = 0;
1556         *array_size = a;
1557         return 0;
1558 }
1559
1560 static int bus_message_open_variant(
1561                 sd_bus_message *m,
1562                 struct bus_container *c,
1563                 const char *contents) {
1564
1565         char *e = NULL;
1566         size_t l;
1567         void *a;
1568
1569         assert(m);
1570         assert(c);
1571         assert(contents);
1572
1573         if (!signature_is_single(contents))
1574                 return -EINVAL;
1575
1576         if (*contents == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
1577                 return -EINVAL;
1578
1579         if (c->signature && c->signature[c->index]) {
1580
1581                 if (c->signature[c->index] != SD_BUS_TYPE_VARIANT)
1582                         return -ENXIO;
1583
1584         } else {
1585                 if (c->enclosing != 0)
1586                         return -ENXIO;
1587
1588                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_VARIANT), NULL);
1589                 if (!e) {
1590                         m->poisoned = true;
1591                         return -ENOMEM;
1592                 }
1593         }
1594
1595         l = strlen(contents);
1596         a = message_extend_body(m, 1, 1 + l + 1);
1597         if (!a)
1598                 return -ENOMEM;
1599
1600         *(uint8_t*) a = l;
1601         memcpy((uint8_t*) a + 1, contents, l + 1);
1602
1603         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1604                 c->index++;
1605
1606         return 0;
1607 }
1608
1609 static int bus_message_open_struct(
1610                 sd_bus_message *m,
1611                 struct bus_container *c,
1612                 const char *contents) {
1613
1614         size_t nindex;
1615         char *e = NULL;
1616
1617         assert(m);
1618         assert(c);
1619         assert(contents);
1620
1621         if (!signature_is_valid(contents, false))
1622                 return -EINVAL;
1623
1624         if (c->signature && c->signature[c->index]) {
1625                 size_t l;
1626
1627                 l = strlen(contents);
1628
1629                 if (c->signature[c->index] != SD_BUS_TYPE_STRUCT_BEGIN ||
1630                     !startswith(c->signature + c->index + 1, contents) ||
1631                     c->signature[c->index + 1 + l] != SD_BUS_TYPE_STRUCT_END)
1632                         return -ENXIO;
1633
1634                 nindex = c->index + 1 + l + 1;
1635         } else {
1636                 if (c->enclosing != 0)
1637                         return -ENXIO;
1638
1639                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRUCT_BEGIN), contents, CHAR_TO_STR(SD_BUS_TYPE_STRUCT_END), NULL);
1640                 if (!e) {
1641                         m->poisoned = true;
1642                         return -ENOMEM;
1643                 }
1644
1645                 nindex = e - c->signature;
1646         }
1647
1648         /* Align contents to 8 byte boundary */
1649         if (!message_extend_body(m, 8, 0))
1650                 return -ENOMEM;
1651
1652         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1653                 c->index = nindex;
1654
1655         return 0;
1656 }
1657
1658 static int bus_message_open_dict_entry(
1659                 sd_bus_message *m,
1660                 struct bus_container *c,
1661                 const char *contents) {
1662
1663         size_t nindex;
1664
1665         assert(m);
1666         assert(c);
1667         assert(contents);
1668
1669         if (!signature_is_pair(contents))
1670                 return -EINVAL;
1671
1672         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1673                 return -ENXIO;
1674
1675         if (c->signature && c->signature[c->index]) {
1676                 size_t l;
1677
1678                 l = strlen(contents);
1679
1680                 if (c->signature[c->index] != SD_BUS_TYPE_DICT_ENTRY_BEGIN ||
1681                     !startswith(c->signature + c->index + 1, contents) ||
1682                     c->signature[c->index + 1 + l] != SD_BUS_TYPE_DICT_ENTRY_END)
1683                         return -ENXIO;
1684
1685                 nindex = c->index + 1 + l + 1;
1686         } else
1687                 return -ENXIO;
1688
1689         /* Align contents to 8 byte boundary */
1690         if (!message_extend_body(m, 8, 0))
1691                 return -ENOMEM;
1692
1693         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1694                 c->index = nindex;
1695
1696         return 0;
1697 }
1698
1699 int sd_bus_message_open_container(
1700                 sd_bus_message *m,
1701                 char type,
1702                 const char *contents) {
1703
1704         struct bus_container *c, *w;
1705         uint32_t *array_size = NULL;
1706         char *signature;
1707         size_t before;
1708         int r;
1709
1710         if (!m)
1711                 return -EINVAL;
1712         if (m->sealed)
1713                 return -EPERM;
1714         if (!contents)
1715                 return -EINVAL;
1716         if (m->poisoned)
1717                 return -ESTALE;
1718
1719         /* Make sure we have space for one more container */
1720         w = realloc(m->containers, sizeof(struct bus_container) * (m->n_containers + 1));
1721         if (!w) {
1722                 m->poisoned = true;
1723                 return -ENOMEM;
1724         }
1725
1726         m->containers = w;
1727
1728         c = message_get_container(m);
1729
1730         signature = strdup(contents);
1731         if (!signature) {
1732                 m->poisoned = true;
1733                 return -ENOMEM;
1734         }
1735
1736         /* Save old index in the parent container, in case we have to
1737          * abort this container */
1738         c->saved_index = c->index;
1739         before = m->header->body_size;
1740
1741         if (type == SD_BUS_TYPE_ARRAY)
1742                 r = bus_message_open_array(m, c, contents, &array_size);
1743         else if (type == SD_BUS_TYPE_VARIANT)
1744                 r = bus_message_open_variant(m, c, contents);
1745         else if (type == SD_BUS_TYPE_STRUCT)
1746                 r = bus_message_open_struct(m, c, contents);
1747         else if (type == SD_BUS_TYPE_DICT_ENTRY)
1748                 r = bus_message_open_dict_entry(m, c, contents);
1749         else
1750                 r = -EINVAL;
1751
1752         if (r < 0) {
1753                 free(signature);
1754                 return r;
1755         }
1756
1757         /* OK, let's fill it in */
1758         w += m->n_containers++;
1759         w->enclosing = type;
1760         w->signature = signature;
1761         w->index = 0;
1762         w->array_size = array_size;
1763         w->before = before;
1764         w->begin = m->rindex;
1765
1766         return 0;
1767 }
1768
1769 int sd_bus_message_close_container(sd_bus_message *m) {
1770         struct bus_container *c;
1771
1772         if (!m)
1773                 return -EINVAL;
1774         if (m->sealed)
1775                 return -EPERM;
1776         if (m->n_containers <= 0)
1777                 return -EINVAL;
1778         if (m->poisoned)
1779                 return -ESTALE;
1780
1781         c = message_get_container(m);
1782         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1783                 if (c->signature && c->signature[c->index] != 0)
1784                         return -EINVAL;
1785
1786         free(c->signature);
1787         m->n_containers--;
1788
1789         return 0;
1790 }
1791
1792 typedef struct {
1793         const char *types;
1794         unsigned n_struct;
1795         unsigned n_array;
1796 } TypeStack;
1797
1798 static int type_stack_push(TypeStack *stack, unsigned max, unsigned *i, const char *types, unsigned n_struct, unsigned n_array) {
1799         assert(stack);
1800         assert(max > 0);
1801
1802         if (*i >= max)
1803                 return -EINVAL;
1804
1805         stack[*i].types = types;
1806         stack[*i].n_struct = n_struct;
1807         stack[*i].n_array = n_array;
1808         (*i)++;
1809
1810         return 0;
1811 }
1812
1813 static int type_stack_pop(TypeStack *stack, unsigned max, unsigned *i, const char **types, unsigned *n_struct, unsigned *n_array) {
1814         assert(stack);
1815         assert(max > 0);
1816         assert(types);
1817         assert(n_struct);
1818         assert(n_array);
1819
1820         if (*i <= 0)
1821                 return 0;
1822
1823         (*i)--;
1824         *types = stack[*i].types;
1825         *n_struct = stack[*i].n_struct;
1826         *n_array = stack[*i].n_array;
1827
1828         return 1;
1829 }
1830
1831 int bus_message_append_ap(
1832                 sd_bus_message *m,
1833                 const char *types,
1834                 va_list ap) {
1835
1836         unsigned n_array, n_struct;
1837         TypeStack stack[BUS_CONTAINER_DEPTH];
1838         unsigned stack_ptr = 0;
1839         int r;
1840
1841         assert(m);
1842
1843         if (!types)
1844                 return 0;
1845
1846         n_array = (unsigned) -1;
1847         n_struct = strlen(types);
1848
1849         for (;;) {
1850                 const char *t;
1851
1852                 if (n_array == 0 || (n_array == (unsigned) -1 && n_struct == 0)) {
1853                         r = type_stack_pop(stack, ELEMENTSOF(stack), &stack_ptr, &types, &n_struct, &n_array);
1854                         if (r < 0)
1855                                 return r;
1856                         if (r == 0)
1857                                 break;
1858
1859                         r = sd_bus_message_close_container(m);
1860                         if (r < 0)
1861                                 return r;
1862
1863                         continue;
1864                 }
1865
1866                 t = types;
1867                 if (n_array != (unsigned) -1)
1868                         n_array --;
1869                 else {
1870                         types ++;
1871                         n_struct--;
1872                 }
1873
1874                 switch (*t) {
1875
1876                 case SD_BUS_TYPE_BYTE: {
1877                         uint8_t x;
1878
1879                         x = (uint8_t) va_arg(ap, int);
1880                         r = sd_bus_message_append_basic(m, *t, &x);
1881                         break;
1882                 }
1883
1884                 case SD_BUS_TYPE_BOOLEAN:
1885                 case SD_BUS_TYPE_INT32:
1886                 case SD_BUS_TYPE_UINT32:
1887                 case SD_BUS_TYPE_UNIX_FD: {
1888                         uint32_t x;
1889
1890                         /* We assume a boolean is the same as int32_t */
1891                         assert_cc(sizeof(int32_t) == sizeof(int));
1892
1893                         x = va_arg(ap, uint32_t);
1894                         r = sd_bus_message_append_basic(m, *t, &x);
1895                         break;
1896                 }
1897
1898                 case SD_BUS_TYPE_INT16:
1899                 case SD_BUS_TYPE_UINT16: {
1900                         uint16_t x;
1901
1902                         x = (uint16_t) va_arg(ap, int);
1903                         r = sd_bus_message_append_basic(m, *t, &x);
1904                         break;
1905                 }
1906
1907                 case SD_BUS_TYPE_INT64:
1908                 case SD_BUS_TYPE_UINT64:
1909                 case SD_BUS_TYPE_DOUBLE: {
1910                         uint64_t x;
1911
1912                         x = va_arg(ap, uint64_t);
1913                         r = sd_bus_message_append_basic(m, *t, &x);
1914                         break;
1915                 }
1916
1917                 case SD_BUS_TYPE_STRING:
1918                 case SD_BUS_TYPE_OBJECT_PATH:
1919                 case SD_BUS_TYPE_SIGNATURE: {
1920                         const char *x;
1921
1922                         x = va_arg(ap, const char*);
1923                         r = sd_bus_message_append_basic(m, *t, x);
1924                         break;
1925                 }
1926
1927                 case SD_BUS_TYPE_ARRAY: {
1928                         size_t k;
1929
1930                         r = signature_element_length(t + 1, &k);
1931                         if (r < 0)
1932                                 return r;
1933
1934                         {
1935                                 char s[k + 1];
1936                                 memcpy(s, t + 1, k);
1937                                 s[k] = 0;
1938
1939                                 r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, s);
1940                                 if (r < 0)
1941                                         return r;
1942                         }
1943
1944                         if (n_array == (unsigned) -1) {
1945                                 types += k;
1946                                 n_struct -= k;
1947                         }
1948
1949                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
1950                         if (r < 0)
1951                                 return r;
1952
1953                         types = t + 1;
1954                         n_struct = k;
1955                         n_array = va_arg(ap, unsigned);
1956
1957                         break;
1958                 }
1959
1960                 case SD_BUS_TYPE_VARIANT: {
1961                         const char *s;
1962
1963                         s = va_arg(ap, const char*);
1964                         if (!s)
1965                                 return -EINVAL;
1966
1967                         r = sd_bus_message_open_container(m, SD_BUS_TYPE_VARIANT, s);
1968                         if (r < 0)
1969                                 return r;
1970
1971                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
1972                         if (r < 0)
1973                                 return r;
1974
1975                         types = s;
1976                         n_struct = strlen(s);
1977                         n_array = (unsigned) -1;
1978
1979                         break;
1980                 }
1981
1982                 case SD_BUS_TYPE_STRUCT_BEGIN:
1983                 case SD_BUS_TYPE_DICT_ENTRY_BEGIN: {
1984                         size_t k;
1985
1986                         r = signature_element_length(t, &k);
1987                         if (r < 0)
1988                                 return r;
1989
1990                         {
1991                                 char s[k - 1];
1992
1993                                 memcpy(s, t + 1, k - 2);
1994                                 s[k - 2] = 0;
1995
1996                                 r = sd_bus_message_open_container(m, *t == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY, s);
1997                                 if (r < 0)
1998                                         return r;
1999                         }
2000
2001                         if (n_array == (unsigned) -1) {
2002                                 types += k - 1;
2003                                 n_struct -= k - 1;
2004                         }
2005
2006                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2007                         if (r < 0)
2008                                 return r;
2009
2010                         types = t + 1;
2011                         n_struct = k - 2;
2012                         n_array = (unsigned) -1;
2013
2014                         break;
2015                 }
2016
2017                 default:
2018                         r = -EINVAL;
2019                 }
2020
2021                 if (r < 0)
2022                         return r;
2023         }
2024
2025         return 0;
2026 }
2027
2028 int sd_bus_message_append(sd_bus_message *m, const char *types, ...) {
2029         va_list ap;
2030         int r;
2031
2032         if (!m)
2033                 return -EINVAL;
2034         if (m->sealed)
2035                 return -EPERM;
2036         if (m->poisoned)
2037                 return -ESTALE;
2038         if (!types)
2039                 return 0;
2040
2041         va_start(ap, types);
2042         r = bus_message_append_ap(m, types, ap);
2043         va_end(ap);
2044
2045         return r;
2046 }
2047
2048 int sd_bus_message_append_array_space(sd_bus_message *m, char type, size_t size, void **ptr) {
2049         ssize_t align, sz;
2050         void *a;
2051         int r;
2052
2053         if (!m)
2054                 return -EINVAL;
2055         if (m->sealed)
2056                 return -EPERM;
2057         if (!bus_type_is_trivial(type))
2058                 return -EINVAL;
2059         if (!ptr && size > 0)
2060                 return -EINVAL;
2061         if (m->poisoned)
2062                 return -ESTALE;
2063
2064         align = bus_type_get_alignment(type);
2065         sz = bus_type_get_size(type);
2066
2067         assert_se(align > 0);
2068         assert_se(sz > 0);
2069
2070         if (size % sz != 0)
2071                 return -EINVAL;
2072
2073         r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
2074         if (r < 0)
2075                 return r;
2076
2077         a = message_extend_body(m, align, size);
2078         if (!a)
2079                 return -ENOMEM;
2080
2081         r = sd_bus_message_close_container(m);
2082         if (r < 0)
2083                 return r;
2084
2085         *ptr = a;
2086         return 0;
2087 }
2088
2089 int sd_bus_message_append_array(sd_bus_message *m, char type, const void *ptr, size_t size) {
2090         int r;
2091         void *p;
2092
2093         if (!ptr && size > 0)
2094                 return -EINVAL;
2095
2096         r = sd_bus_message_append_array_space(m, type, size, &p);
2097         if (r < 0)
2098                 return r;
2099
2100         if (size > 0)
2101                 memcpy(p, ptr, size);
2102
2103         return 0;
2104 }
2105
2106 static int buffer_peek(const void *p, uint32_t sz, size_t *rindex, size_t align, size_t nbytes, void **r) {
2107         size_t k, start, end;
2108
2109         assert(rindex);
2110         assert(align > 0);
2111
2112         start = ALIGN_TO((size_t) *rindex, align);
2113         end = start + nbytes;
2114
2115         if (end > sz)
2116                 return -EBADMSG;
2117
2118         /* Verify that padding is 0 */
2119         for (k = *rindex; k < start; k++)
2120                 if (((const uint8_t*) p)[k] != 0)
2121                         return -EBADMSG;
2122
2123         if (r)
2124                 *r = (uint8_t*) p + start;
2125
2126         *rindex = end;
2127
2128         return 1;
2129 }
2130
2131 static bool message_end_of_array(sd_bus_message *m, size_t index) {
2132         struct bus_container *c;
2133
2134         assert(m);
2135
2136         c = message_get_container(m);
2137         if (!c->array_size)
2138                 return false;
2139
2140         return index >= c->begin + BUS_MESSAGE_BSWAP32(m, *c->array_size);
2141 }
2142
2143 static struct bus_body_part* find_part(sd_bus_message *m, size_t index, size_t sz, void **p) {
2144         struct bus_body_part *part;
2145         size_t begin;
2146         assert(m);
2147
2148         if (m->cached_rindex_part && index >= m->cached_rindex_part_begin) {
2149                 part = m->cached_rindex_part;
2150                 begin = m->cached_rindex_part_begin;
2151         } else {
2152                 part = &m->body;
2153                 begin = 0;
2154         }
2155
2156         while (part) {
2157                 if (index < begin)
2158                         return NULL;
2159
2160                 if (index + sz <= begin + part->size) {
2161                         if (p)
2162                                 *p = part->data ? (uint8_t*) part->data + index - begin : NULL;
2163
2164                         m->cached_rindex_part = part;
2165                         m->cached_rindex_part_begin = begin;
2166
2167                         return part;
2168                 }
2169
2170                 part = part->next;
2171         }
2172
2173         return NULL;
2174 }
2175
2176 static int message_peek_body(
2177                 sd_bus_message *m,
2178                 size_t *rindex,
2179                 size_t align,
2180                 size_t nbytes,
2181                 void **ret) {
2182
2183         size_t k, start, end, padding;
2184         struct bus_body_part *part;
2185         uint8_t *q;
2186
2187         assert(m);
2188         assert(rindex);
2189         assert(align > 0);
2190
2191         if (message_end_of_array(m, *rindex))
2192                 return 0;
2193
2194         start = ALIGN_TO((size_t) *rindex, align);
2195         padding = start - *rindex;
2196         end = start + nbytes;
2197
2198         if (end > BUS_MESSAGE_BODY_SIZE(m))
2199                 return -EBADMSG;
2200
2201         part = find_part(m, *rindex, padding, (void**) &q);
2202         if (!part)
2203                 return -EBADMSG;
2204
2205         if (q) {
2206                 /* Verify padding */
2207                 for (k = 0; k < padding; k++)
2208                         if (q[k] != 0)
2209                                 return -EBADMSG;
2210         }
2211
2212         part = find_part(m, start, nbytes, (void**) &q);
2213         if (!part || !q)
2214                 return -EBADMSG;
2215
2216         *rindex = end;
2217
2218         if (ret)
2219                 *ret = q;
2220
2221         return 1;
2222 }
2223
2224 static bool validate_nul(const char *s, size_t l) {
2225
2226         /* Check for NUL chars in the string */
2227         if (memchr(s, 0, l))
2228                 return false;
2229
2230         /* Check for NUL termination */
2231         if (s[l] != 0)
2232                 return false;
2233
2234         return true;
2235 }
2236
2237 static bool validate_string(const char *s, size_t l) {
2238
2239         if (!validate_nul(s, l))
2240                 return false;
2241
2242         /* Check if valid UTF8 */
2243         if (!utf8_is_valid(s))
2244                 return false;
2245
2246         return true;
2247 }
2248
2249 static bool validate_signature(const char *s, size_t l) {
2250
2251         if (!validate_nul(s, l))
2252                 return false;
2253
2254         /* Check if valid signature */
2255         if (!signature_is_valid(s, true))
2256                 return false;
2257
2258         return true;
2259 }
2260
2261 static bool validate_object_path(const char *s, size_t l) {
2262
2263         if (!validate_nul(s, l))
2264                 return false;
2265
2266         if (!object_path_is_valid(s))
2267                 return false;
2268
2269         return true;
2270 }
2271
2272 int sd_bus_message_read_basic(sd_bus_message *m, char type, void *p) {
2273         struct bus_container *c;
2274         int r;
2275         void *q;
2276
2277         if (!m)
2278                 return -EINVAL;
2279         if (!m->sealed)
2280                 return -EPERM;
2281         if (!bus_type_is_basic(type))
2282                 return -EINVAL;
2283         if (!p)
2284                 return -EINVAL;
2285
2286         c = message_get_container(m);
2287
2288         if (!c->signature || c->signature[c->index] == 0)
2289                 return 0;
2290
2291         if (c->signature[c->index] != type)
2292                 return -ENXIO;
2293
2294         switch (type) {
2295
2296         case SD_BUS_TYPE_STRING:
2297         case SD_BUS_TYPE_OBJECT_PATH: {
2298                 uint32_t l;
2299                 size_t rindex;
2300
2301                 rindex = m->rindex;
2302                 r = message_peek_body(m, &rindex, 4, 4, &q);
2303                 if (r <= 0)
2304                         return r;
2305
2306                 l = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2307                 r = message_peek_body(m, &rindex, 1, l+1, &q);
2308                 if (r < 0)
2309                         return r;
2310                 if (r == 0)
2311                         return -EBADMSG;
2312
2313                 if (type == SD_BUS_TYPE_OBJECT_PATH) {
2314                         if (!validate_object_path(q, l))
2315                                 return -EBADMSG;
2316                 } else {
2317                         if (!validate_string(q, l))
2318                                 return -EBADMSG;
2319                 }
2320
2321                 m->rindex = rindex;
2322                 *(const char**) p = q;
2323                 break;
2324         }
2325
2326         case SD_BUS_TYPE_SIGNATURE: {
2327                 uint8_t l;
2328                 size_t rindex;
2329
2330                 rindex = m->rindex;
2331                 r = message_peek_body(m, &rindex, 1, 1, &q);
2332                 if (r <= 0)
2333                         return r;
2334
2335                 l = *(uint8_t*) q;
2336                 r = message_peek_body(m, &rindex, 1, l+1, &q);
2337                 if (r < 0)
2338                         return r;
2339                 if (r == 0)
2340                         return -EBADMSG;
2341
2342                 if (!validate_signature(q, l))
2343                         return -EBADMSG;
2344
2345                 m->rindex = rindex;
2346                 *(const char**) p = q;
2347                 break;
2348         }
2349
2350         default: {
2351                 ssize_t sz, align;
2352                 size_t rindex;
2353
2354                 align = bus_type_get_alignment(type);
2355                 sz = bus_type_get_size(type);
2356                 assert(align > 0 && sz > 0);
2357
2358                 rindex = m->rindex;
2359                 r = message_peek_body(m, &rindex, align, sz, &q);
2360                 if (r <= 0)
2361                         return r;
2362
2363                 switch (type) {
2364
2365                 case SD_BUS_TYPE_BYTE:
2366                         *(uint8_t*) p = *(uint8_t*) q;
2367                         break;
2368
2369                 case SD_BUS_TYPE_BOOLEAN:
2370                         *(int*) p = !!*(uint32_t*) q;
2371                         break;
2372
2373                 case SD_BUS_TYPE_INT16:
2374                 case SD_BUS_TYPE_UINT16:
2375                         *(uint16_t*) p = BUS_MESSAGE_BSWAP16(m, *(uint16_t*) q);
2376                         break;
2377
2378                 case SD_BUS_TYPE_INT32:
2379                 case SD_BUS_TYPE_UINT32:
2380                         *(uint32_t*) p = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2381                         break;
2382
2383                 case SD_BUS_TYPE_INT64:
2384                 case SD_BUS_TYPE_UINT64:
2385                 case SD_BUS_TYPE_DOUBLE:
2386                         *(uint64_t*) p = BUS_MESSAGE_BSWAP64(m, *(uint64_t*) q);
2387                         break;
2388
2389                 case SD_BUS_TYPE_UNIX_FD: {
2390                         uint32_t j;
2391
2392                         j = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2393                         if (j >= m->n_fds)
2394                                 return -EBADMSG;
2395
2396                         *(int*) p = m->fds[j];
2397                         break;
2398                 }
2399
2400                 default:
2401                         assert_not_reached("Unknown basic type...");
2402                 }
2403
2404                 m->rindex = rindex;
2405
2406                 break;
2407         }
2408         }
2409
2410         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2411                 c->index++;
2412
2413         return 1;
2414 }
2415
2416 static int bus_message_enter_array(
2417                 sd_bus_message *m,
2418                 struct bus_container *c,
2419                 const char *contents,
2420                 uint32_t **array_size) {
2421
2422         size_t rindex;
2423         void *q;
2424         int r, alignment;
2425
2426         assert(m);
2427         assert(c);
2428         assert(contents);
2429         assert(array_size);
2430
2431         if (!signature_is_single(contents))
2432                 return -EINVAL;
2433
2434         alignment = bus_type_get_alignment(contents[0]);
2435         if (alignment < 0)
2436                 return alignment;
2437
2438         if (!c->signature || c->signature[c->index] == 0)
2439                 return 0;
2440
2441         if (c->signature[c->index] != SD_BUS_TYPE_ARRAY)
2442                 return -ENXIO;
2443
2444         if (!startswith(c->signature + c->index + 1, contents))
2445                 return -ENXIO;
2446
2447         rindex = m->rindex;
2448         r = message_peek_body(m, &rindex, 4, 4, &q);
2449         if (r <= 0)
2450                 return r;
2451
2452         if (BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q) > BUS_ARRAY_MAX_SIZE)
2453                 return -EBADMSG;
2454
2455         r = message_peek_body(m, &rindex, alignment, 0, NULL);
2456         if (r < 0)
2457                 return r;
2458         if (r == 0)
2459                 return -EBADMSG;
2460
2461         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2462                 c->index += 1 + strlen(contents);
2463
2464         m->rindex = rindex;
2465
2466         *array_size = (uint32_t*) q;
2467
2468         return 1;
2469 }
2470
2471 static int bus_message_enter_variant(
2472                 sd_bus_message *m,
2473                 struct bus_container *c,
2474                 const char *contents) {
2475
2476         size_t rindex;
2477         uint8_t l;
2478         void *q;
2479         int r;
2480
2481         assert(m);
2482         assert(c);
2483         assert(contents);
2484
2485         if (!signature_is_single(contents))
2486                 return -EINVAL;
2487
2488         if (*contents == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
2489                 return -EINVAL;
2490
2491         if (!c->signature || c->signature[c->index] == 0)
2492                 return 0;
2493
2494         if (c->signature[c->index] != SD_BUS_TYPE_VARIANT)
2495                 return -ENXIO;
2496
2497         rindex = m->rindex;
2498         r = message_peek_body(m, &rindex, 1, 1, &q);
2499         if (r <= 0)
2500                 return r;
2501
2502         l = *(uint8_t*) q;
2503         r = message_peek_body(m, &rindex, 1, l+1, &q);
2504         if (r < 0)
2505                 return r;
2506         if (r == 0)
2507                 return -EBADMSG;
2508
2509         if (!validate_signature(q, l))
2510                 return -EBADMSG;
2511
2512         if (!streq(q, contents))
2513                 return -ENXIO;
2514
2515         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2516                 c->index++;
2517
2518         m->rindex = rindex;
2519
2520         return 1;
2521 }
2522
2523 static int bus_message_enter_struct(
2524                 sd_bus_message *m,
2525                 struct bus_container *c,
2526                 const char *contents) {
2527
2528         size_t l;
2529         int r;
2530
2531         assert(m);
2532         assert(c);
2533         assert(contents);
2534
2535         if (!signature_is_valid(contents, false))
2536                 return -EINVAL;
2537
2538         if (!c->signature || c->signature[c->index] == 0)
2539                 return 0;
2540
2541         l = strlen(contents);
2542
2543         if (c->signature[c->index] != SD_BUS_TYPE_STRUCT_BEGIN ||
2544             !startswith(c->signature + c->index + 1, contents) ||
2545             c->signature[c->index + 1 + l] != SD_BUS_TYPE_STRUCT_END)
2546                 return -ENXIO;
2547
2548         r = message_peek_body(m, &m->rindex, 8, 0, NULL);
2549         if (r <= 0)
2550                 return r;
2551
2552         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2553                 c->index += 1 + l + 1;
2554
2555         return 1;
2556 }
2557
2558 static int bus_message_enter_dict_entry(
2559                 sd_bus_message *m,
2560                 struct bus_container *c,
2561                 const char *contents) {
2562
2563         size_t l;
2564         int r;
2565
2566         assert(m);
2567         assert(c);
2568         assert(contents);
2569
2570         if (!signature_is_pair(contents))
2571                 return -EINVAL;
2572
2573         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2574                 return -ENXIO;
2575
2576         if (!c->signature || c->signature[c->index] == 0)
2577                 return 0;
2578
2579         l = strlen(contents);
2580
2581         if (c->signature[c->index] != SD_BUS_TYPE_DICT_ENTRY_BEGIN ||
2582             !startswith(c->signature + c->index + 1, contents) ||
2583             c->signature[c->index + 1 + l] != SD_BUS_TYPE_DICT_ENTRY_END)
2584                 return -ENXIO;
2585
2586         r = message_peek_body(m, &m->rindex, 8, 0, NULL);
2587         if (r <= 0)
2588                 return r;
2589
2590         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2591                 c->index += 1 + l + 1;
2592
2593         return 1;
2594 }
2595
2596 int sd_bus_message_enter_container(sd_bus_message *m, char type, const char *contents) {
2597         struct bus_container *c, *w;
2598         uint32_t *array_size = NULL;
2599         char *signature;
2600         size_t before;
2601         int r;
2602
2603         if (!m)
2604                 return -EINVAL;
2605         if (!m->sealed)
2606                 return -EPERM;
2607         if (!contents)
2608                 return -EINVAL;
2609
2610         /*
2611          * We enforce a global limit on container depth, that is much
2612          * higher than the 32 structs and 32 arrays the specification
2613          * mandates. This is simpler to implement for us, and we need
2614          * this only to ensure our container array doesn't grow
2615          * without bounds. We are happy to return any data from a
2616          * message as long as the data itself is valid, even if the
2617          * overall message might be not.
2618          *
2619          * Note that the message signature is validated when
2620          * parsing the headers, and that validation does check the
2621          * 32/32 limit.
2622          *
2623          * Note that the specification defines no limits on the depth
2624          * of stacked variants, but we do.
2625          */
2626         if (m->n_containers >= BUS_CONTAINER_DEPTH)
2627                 return -EBADMSG;
2628
2629         w = realloc(m->containers, sizeof(struct bus_container) * (m->n_containers + 1));
2630         if (!w)
2631                 return -ENOMEM;
2632         m->containers = w;
2633
2634         c = message_get_container(m);
2635
2636         if (!c->signature || c->signature[c->index] == 0)
2637                 return 0;
2638
2639         signature = strdup(contents);
2640         if (!signature)
2641                 return -ENOMEM;
2642
2643         c->saved_index = c->index;
2644         before = m->rindex;
2645
2646         if (type == SD_BUS_TYPE_ARRAY)
2647                 r = bus_message_enter_array(m, c, contents, &array_size);
2648         else if (type == SD_BUS_TYPE_VARIANT)
2649                 r = bus_message_enter_variant(m, c, contents);
2650         else if (type == SD_BUS_TYPE_STRUCT)
2651                 r = bus_message_enter_struct(m, c, contents);
2652         else if (type == SD_BUS_TYPE_DICT_ENTRY)
2653                 r = bus_message_enter_dict_entry(m, c, contents);
2654         else
2655                 r = -EINVAL;
2656
2657         if (r <= 0) {
2658                 free(signature);
2659                 return r;
2660         }
2661
2662         /* OK, let's fill it in */
2663         w += m->n_containers++;
2664         w->enclosing = type;
2665         w->signature = signature;
2666         w->index = 0;
2667         w->array_size = array_size;
2668         w->before = before;
2669         w->begin = m->rindex;
2670
2671         return 1;
2672 }
2673
2674 int sd_bus_message_exit_container(sd_bus_message *m) {
2675         struct bus_container *c;
2676
2677         if (!m)
2678                 return -EINVAL;
2679         if (!m->sealed)
2680                 return -EPERM;
2681         if (m->n_containers <= 0)
2682                 return -EINVAL;
2683
2684         c = message_get_container(m);
2685         if (c->enclosing == SD_BUS_TYPE_ARRAY) {
2686                 uint32_t l;
2687
2688                 l = BUS_MESSAGE_BSWAP32(m, *c->array_size);
2689                 if (c->begin + l != m->rindex)
2690                         return -EBUSY;
2691
2692         } else {
2693                 if (c->signature && c->signature[c->index] != 0)
2694                         return -EINVAL;
2695         }
2696
2697         free(c->signature);
2698         m->n_containers--;
2699
2700         return 1;
2701 }
2702
2703 static void message_quit_container(sd_bus_message *m) {
2704         struct bus_container *c;
2705
2706         assert(m);
2707         assert(m->sealed);
2708         assert(m->n_containers > 0);
2709
2710         c = message_get_container(m);
2711
2712         /* Undo seeks */
2713         assert(m->rindex >= c->before);
2714         m->rindex = c->before;
2715
2716         /* Free container */
2717         free(c->signature);
2718         m->n_containers--;
2719
2720         /* Correct index of new top-level container */
2721         c = message_get_container(m);
2722         c->index = c->saved_index;
2723 }
2724
2725 int sd_bus_message_peek_type(sd_bus_message *m, char *type, const char **contents) {
2726         struct bus_container *c;
2727         int r;
2728
2729         if (!m)
2730                 return -EINVAL;
2731         if (!m->sealed)
2732                 return -EPERM;
2733
2734         c = message_get_container(m);
2735
2736         if (!c->signature || c->signature[c->index] == 0)
2737                 goto eof;
2738
2739         if (message_end_of_array(m, m->rindex))
2740                 goto eof;
2741
2742         if (bus_type_is_basic(c->signature[c->index])) {
2743                 if (contents)
2744                         *contents = NULL;
2745                 if (type)
2746                         *type = c->signature[c->index];
2747                 return 1;
2748         }
2749
2750         if (c->signature[c->index] == SD_BUS_TYPE_ARRAY) {
2751
2752                 if (contents) {
2753                         size_t l;
2754                         char *sig;
2755
2756                         r = signature_element_length(c->signature+c->index+1, &l);
2757                         if (r < 0)
2758                                 return r;
2759
2760                         assert(l >= 1);
2761
2762                         sig = strndup(c->signature + c->index + 1, l);
2763                         if (!sig)
2764                                 return -ENOMEM;
2765
2766                         free(m->peeked_signature);
2767                         m->peeked_signature = sig;
2768
2769                         *contents = sig;
2770                 }
2771
2772                 if (type)
2773                         *type = SD_BUS_TYPE_ARRAY;
2774
2775                 return 1;
2776         }
2777
2778         if (c->signature[c->index] == SD_BUS_TYPE_STRUCT_BEGIN ||
2779             c->signature[c->index] == SD_BUS_TYPE_DICT_ENTRY_BEGIN) {
2780
2781                 if (contents) {
2782                         size_t l;
2783                         char *sig;
2784
2785                         r = signature_element_length(c->signature+c->index, &l);
2786                         if (r < 0)
2787                                 return r;
2788
2789                         assert(l >= 2);
2790                         sig = strndup(c->signature + c->index + 1, l - 2);
2791                         if (!sig)
2792                                 return -ENOMEM;
2793
2794                         free(m->peeked_signature);
2795                         m->peeked_signature = sig;
2796
2797                         *contents = sig;
2798                 }
2799
2800                 if (type)
2801                         *type = c->signature[c->index] == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY;
2802
2803                 return 1;
2804         }
2805
2806         if (c->signature[c->index] == SD_BUS_TYPE_VARIANT) {
2807                 if (contents) {
2808                         size_t rindex, l;
2809                         void *q;
2810
2811                         rindex = m->rindex;
2812                         r = message_peek_body(m, &rindex, 1, 1, &q);
2813                         if (r < 0)
2814                                 return r;
2815                         if (r == 0)
2816                                 goto eof;
2817
2818                         l = *(uint8_t*) q;
2819                         r = message_peek_body(m, &rindex, 1, l+1, &q);
2820                         if (r < 0)
2821                                 return r;
2822                         if (r == 0)
2823                                 return -EBADMSG;
2824
2825                         if (!validate_signature(q, l))
2826                                 return -EBADMSG;
2827
2828                         *contents = q;
2829                 }
2830
2831                 if (type)
2832                         *type = SD_BUS_TYPE_VARIANT;
2833
2834                 return 1;
2835         }
2836
2837         return -EINVAL;
2838
2839 eof:
2840         if (type)
2841                 *type = c->enclosing;
2842         if (contents)
2843                 *contents = NULL;
2844         return 0;
2845 }
2846
2847 int sd_bus_message_rewind(sd_bus_message *m, int complete) {
2848         struct bus_container *c;
2849
2850         if (!m)
2851                 return -EINVAL;
2852         if (!m->sealed)
2853                 return -EPERM;
2854
2855         if (complete) {
2856                 message_reset_containers(m);
2857                 m->rindex = 0;
2858                 m->root_container.index = 0;
2859
2860                 c = message_get_container(m);
2861         } else {
2862                 c = message_get_container(m);
2863
2864                 c->index = 0;
2865                 m->rindex = c->begin;
2866         }
2867
2868         return !isempty(c->signature);
2869 }
2870 static int message_read_ap(
2871                 sd_bus_message *m,
2872                 const char *types,
2873                 va_list ap) {
2874
2875         unsigned n_array, n_struct;
2876         TypeStack stack[BUS_CONTAINER_DEPTH];
2877         unsigned stack_ptr = 0;
2878         int r;
2879
2880         assert(m);
2881
2882         if (!types)
2883                 return 0;
2884
2885         /* Ideally, we'd just call ourselves recursively on every
2886          * complex type. However, the state of a va_list that is
2887          * passed to a function is undefined after that function
2888          * returns. This means we need to docode the va_list linearly
2889          * in a single stackframe. We hence implement our own
2890          * home-grown stack in an array. */
2891
2892         n_array = (unsigned) -1;
2893         n_struct = strlen(types);
2894
2895         for (;;) {
2896                 const char *t;
2897
2898                 if (n_array == 0 || (n_array == (unsigned) -1 && n_struct == 0)) {
2899                         r = type_stack_pop(stack, ELEMENTSOF(stack), &stack_ptr, &types, &n_struct, &n_array);
2900                         if (r < 0)
2901                                 return r;
2902                         if (r == 0)
2903                                 break;
2904
2905                         r = sd_bus_message_exit_container(m);
2906                         if (r < 0)
2907                                 return r;
2908
2909                         continue;
2910                 }
2911
2912                 t = types;
2913                 if (n_array != (unsigned) -1)
2914                         n_array --;
2915                 else {
2916                         types ++;
2917                         n_struct--;
2918                 }
2919
2920                 switch (*t) {
2921
2922                 case SD_BUS_TYPE_BYTE:
2923                 case SD_BUS_TYPE_BOOLEAN:
2924                 case SD_BUS_TYPE_INT16:
2925                 case SD_BUS_TYPE_UINT16:
2926                 case SD_BUS_TYPE_INT32:
2927                 case SD_BUS_TYPE_UINT32:
2928                 case SD_BUS_TYPE_INT64:
2929                 case SD_BUS_TYPE_UINT64:
2930                 case SD_BUS_TYPE_DOUBLE:
2931                 case SD_BUS_TYPE_STRING:
2932                 case SD_BUS_TYPE_OBJECT_PATH:
2933                 case SD_BUS_TYPE_SIGNATURE:
2934                 case SD_BUS_TYPE_UNIX_FD: {
2935                         void *p;
2936
2937                         p = va_arg(ap, void*);
2938                         r = sd_bus_message_read_basic(m, *t, p);
2939                         if (r < 0)
2940                                 return r;
2941                         if (r == 0)
2942                                 return -ENXIO;
2943
2944                         break;
2945                 }
2946
2947                 case SD_BUS_TYPE_ARRAY: {
2948                         size_t k;
2949
2950                         r = signature_element_length(t + 1, &k);
2951                         if (r < 0)
2952                                 return r;
2953
2954                         {
2955                                 char s[k + 1];
2956                                 memcpy(s, t + 1, k);
2957                                 s[k] = 0;
2958
2959                                 r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, s);
2960                                 if (r < 0)
2961                                         return r;
2962                                 if (r == 0)
2963                                         return -ENXIO;
2964                         }
2965
2966                         if (n_array == (unsigned) -1) {
2967                                 types += k;
2968                                 n_struct -= k;
2969                         }
2970
2971                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2972                         if (r < 0)
2973                                 return r;
2974
2975                         types = t + 1;
2976                         n_struct = k;
2977                         n_array = va_arg(ap, unsigned);
2978
2979                         break;
2980                 }
2981
2982                 case SD_BUS_TYPE_VARIANT: {
2983                         const char *s;
2984
2985                         s = va_arg(ap, const char *);
2986                         if (!s)
2987                                 return -EINVAL;
2988
2989                         r = sd_bus_message_enter_container(m, SD_BUS_TYPE_VARIANT, s);
2990                         if (r < 0)
2991                                 return r;
2992                         if (r == 0)
2993                                 return -ENXIO;
2994
2995                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2996                         if (r < 0)
2997                                 return r;
2998
2999                         types = s;
3000                         n_struct = strlen(s);
3001                         n_array = (unsigned) -1;
3002
3003                         break;
3004                 }
3005
3006                 case SD_BUS_TYPE_STRUCT_BEGIN:
3007                 case SD_BUS_TYPE_DICT_ENTRY_BEGIN: {
3008                         size_t k;
3009
3010                         r = signature_element_length(t, &k);
3011                         if (r < 0)
3012                                 return r;
3013
3014                         {
3015                                 char s[k - 1];
3016                                 memcpy(s, t + 1, k - 2);
3017                                 s[k - 2] = 0;
3018
3019                                 r = sd_bus_message_enter_container(m, *t == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY, s);
3020                                 if (r < 0)
3021                                         return r;
3022                                 if (r == 0)
3023                                         return -ENXIO;
3024                         }
3025
3026                         if (n_array == (unsigned) -1) {
3027                                 types += k - 1;
3028                                 n_struct -= k - 1;
3029                         }
3030
3031                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
3032                         if (r < 0)
3033                                 return r;
3034
3035                         types = t + 1;
3036                         n_struct = k - 2;
3037                         n_array = (unsigned) -1;
3038
3039                         break;
3040                 }
3041
3042                 default:
3043                         return -EINVAL;
3044                 }
3045         }
3046
3047         return 1;
3048 }
3049
3050 int sd_bus_message_read(sd_bus_message *m, const char *types, ...) {
3051         va_list ap;
3052         int r;
3053
3054         if (!m)
3055                 return -EINVAL;
3056         if (!m->sealed)
3057                 return -EPERM;
3058         if (!types)
3059                 return -EINVAL;
3060
3061         va_start(ap, types);
3062         r = message_read_ap(m, types, ap);
3063         va_end(ap);
3064
3065         return r;
3066 }
3067
3068 int sd_bus_message_read_array(sd_bus_message *m, char type, const void **ptr, size_t *size) {
3069         struct bus_container *c;
3070         void *p;
3071         size_t sz;
3072         ssize_t align;
3073         int r;
3074
3075         if (!m)
3076                 return -EINVAL;
3077         if (!m->sealed)
3078                 return -EPERM;
3079         if (!bus_type_is_trivial(type))
3080                 return -EINVAL;
3081         if (!ptr)
3082                 return -EINVAL;
3083         if (!size)
3084                 return -EINVAL;
3085         if (BUS_MESSAGE_NEED_BSWAP(m))
3086                 return -ENOTSUP;
3087
3088         align = bus_type_get_alignment(type);
3089         if (align < 0)
3090                 return align;
3091
3092         r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
3093         if (r < 0)
3094                 return r;
3095
3096         c = message_get_container(m);
3097         sz = BUS_MESSAGE_BSWAP32(m, *c->array_size);
3098
3099         r = message_peek_body(m, &m->rindex, align, sz, &p);
3100         if (r < 0)
3101                 goto fail;
3102         if (r == 0) {
3103                 r = -EBADMSG;
3104                 goto fail;
3105         }
3106
3107         r = sd_bus_message_exit_container(m);
3108         if (r < 0)
3109                 goto fail;
3110
3111         *ptr = (const void*) p;
3112         *size = sz;
3113
3114         return 1;
3115
3116 fail:
3117         message_quit_container(m);
3118         return r;
3119 }
3120
3121 static int message_peek_fields(
3122                 sd_bus_message *m,
3123                 size_t *rindex,
3124                 size_t align,
3125                 size_t nbytes,
3126                 void **ret) {
3127
3128         assert(m);
3129         assert(rindex);
3130         assert(align > 0);
3131
3132         return buffer_peek(m->fields, BUS_MESSAGE_FIELDS_SIZE(m), rindex, align, nbytes, ret);
3133 }
3134
3135 static int message_peek_field_uint32(
3136                 sd_bus_message *m,
3137                 size_t *ri,
3138                 uint32_t *ret) {
3139
3140         int r;
3141         void *q;
3142
3143         assert(m);
3144         assert(ri);
3145
3146         r = message_peek_fields(m, ri, 4, 4, &q);
3147         if (r < 0)
3148                 return r;
3149
3150         if (ret)
3151                 *ret = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
3152
3153         return 0;
3154 }
3155
3156 static int message_peek_field_string(
3157                 sd_bus_message *m,
3158                 bool (*validate)(const char *p),
3159                 size_t *ri,
3160                 const char **ret) {
3161
3162         uint32_t l;
3163         int r;
3164         void *q;
3165
3166         assert(m);
3167         assert(ri);
3168
3169         r = message_peek_field_uint32(m, ri, &l);
3170         if (r < 0)
3171                 return r;
3172
3173         r = message_peek_fields(m, ri, 1, l+1, &q);
3174         if (r < 0)
3175                 return r;
3176
3177         if (validate) {
3178                 if (!validate_nul(q, l))
3179                         return -EBADMSG;
3180
3181                 if (!validate(q))
3182                         return -EBADMSG;
3183         } else {
3184                 if (!validate_string(q, l))
3185                         return -EBADMSG;
3186         }
3187
3188         if (ret)
3189                 *ret = q;
3190
3191         return 0;
3192 }
3193
3194 static int message_peek_field_signature(
3195                 sd_bus_message *m,
3196                 size_t *ri,
3197                 const char **ret) {
3198
3199         size_t l;
3200         int r;
3201         void *q;
3202
3203         assert(m);
3204         assert(ri);
3205
3206         r = message_peek_fields(m, ri, 1, 1, &q);
3207         if (r < 0)
3208                 return r;
3209
3210         l = *(uint8_t*) q;
3211         r = message_peek_fields(m, ri, 1, l+1, &q);
3212         if (r < 0)
3213                 return r;
3214
3215         if (!validate_signature(q, l))
3216                 return -EBADMSG;
3217
3218         if (ret)
3219                 *ret = q;
3220
3221         return 0;
3222 }
3223
3224 static int message_skip_fields(
3225                 sd_bus_message *m,
3226                 size_t *ri,
3227                 uint32_t array_size,
3228                 const char **signature) {
3229
3230         size_t original_index;
3231         int r;
3232
3233         assert(m);
3234         assert(ri);
3235         assert(signature);
3236
3237         original_index = *ri;
3238
3239         for (;;) {
3240                 char t;
3241                 size_t l;
3242
3243                 if (array_size != (uint32_t) -1 &&
3244                     array_size <= *ri - original_index)
3245                         return 0;
3246
3247                 t = **signature;
3248                 if (!t)
3249                         return 0;
3250
3251                 if (t == SD_BUS_TYPE_STRING) {
3252
3253                         r = message_peek_field_string(m, NULL, ri, NULL);
3254                         if (r < 0)
3255                                 return r;
3256
3257                         (*signature)++;
3258
3259                 } else if (t == SD_BUS_TYPE_OBJECT_PATH) {
3260
3261                         r = message_peek_field_string(m, object_path_is_valid, ri, NULL);
3262                         if (r < 0)
3263                                 return r;
3264
3265                         (*signature)++;
3266
3267                 } else if (t == SD_BUS_TYPE_SIGNATURE) {
3268
3269                         r = message_peek_field_signature(m, ri, NULL);
3270                         if (r < 0)
3271                                 return r;
3272
3273                         (*signature)++;
3274
3275                 } else if (bus_type_is_basic(t)) {
3276                         ssize_t align, k;
3277
3278                         align = bus_type_get_alignment(t);
3279                         k = bus_type_get_size(t);
3280                         assert(align > 0 && k > 0);
3281
3282                         r = message_peek_fields(m, ri, align, k, NULL);
3283                         if (r < 0)
3284                                 return r;
3285
3286                         (*signature)++;
3287
3288                 } else if (t == SD_BUS_TYPE_ARRAY) {
3289
3290                         r = signature_element_length(*signature+1, &l);
3291                         if (r < 0)
3292                                 return r;
3293
3294                         assert(l >= 1);
3295                         {
3296                                 char sig[l-1], *s;
3297                                 uint32_t nas;
3298                                 int alignment;
3299
3300                                 strncpy(sig, *signature + 1, l-1);
3301                                 s = sig;
3302
3303                                 alignment = bus_type_get_alignment(sig[0]);
3304                                 if (alignment < 0)
3305                                         return alignment;
3306
3307                                 r = message_peek_field_uint32(m, ri, &nas);
3308                                 if (r < 0)
3309                                         return r;
3310                                 if (nas > BUS_ARRAY_MAX_SIZE)
3311                                         return -EBADMSG;
3312
3313                                 r = message_peek_fields(m, ri, alignment, 0, NULL);
3314                                 if (r < 0)
3315                                         return r;
3316
3317                                 r = message_skip_fields(m, ri, nas, (const char**) &s);
3318                                 if (r < 0)
3319                                         return r;
3320                         }
3321
3322                         (*signature) += 1 + l;
3323
3324                 } else if (t == SD_BUS_TYPE_VARIANT) {
3325                         const char *s;
3326
3327                         r = message_peek_field_signature(m, ri, &s);
3328                         if (r < 0)
3329                                 return r;
3330
3331                         r = message_skip_fields(m, ri, (uint32_t) -1, (const char**) &s);
3332                         if (r < 0)
3333                                 return r;
3334
3335                         (*signature)++;
3336
3337                 } else if (t == SD_BUS_TYPE_STRUCT ||
3338                            t == SD_BUS_TYPE_DICT_ENTRY) {
3339
3340                         r = signature_element_length(*signature, &l);
3341                         if (r < 0)
3342                                 return r;
3343
3344                         assert(l >= 2);
3345                         {
3346                                 char sig[l-1], *s;
3347                                 strncpy(sig, *signature + 1, l-1);
3348                                 s = sig;
3349
3350                                 r = message_skip_fields(m, ri, (uint32_t) -1, (const char**) &s);
3351                                 if (r < 0)
3352                                         return r;
3353                         }
3354
3355                         *signature += l;
3356                 } else
3357                         return -EINVAL;
3358         }
3359 }
3360
3361 int bus_message_parse_fields(sd_bus_message *m) {
3362         size_t ri;
3363         int r;
3364         uint32_t unix_fds = 0;
3365
3366         assert(m);
3367
3368         for (ri = 0; ri < BUS_MESSAGE_FIELDS_SIZE(m); ) {
3369                 const char *signature;
3370                 uint8_t *header;
3371
3372                 r = message_peek_fields(m, &ri, 8, 1, (void**) &header);
3373                 if (r < 0)
3374                         return r;
3375
3376                 r = message_peek_field_signature(m, &ri, &signature);
3377                 if (r < 0)
3378                         return r;
3379
3380                 switch (*header) {
3381                 case _SD_BUS_MESSAGE_HEADER_INVALID:
3382                         return -EBADMSG;
3383
3384                 case SD_BUS_MESSAGE_HEADER_PATH:
3385
3386                         if (m->path)
3387                                 return -EBADMSG;
3388
3389                         if (!streq(signature, "o"))
3390                                 return -EBADMSG;
3391
3392                         r = message_peek_field_string(m, object_path_is_valid, &ri, &m->path);
3393                         break;
3394
3395                 case SD_BUS_MESSAGE_HEADER_INTERFACE:
3396
3397                         if (m->interface)
3398                                 return -EBADMSG;
3399
3400                         if (!streq(signature, "s"))
3401                                 return -EBADMSG;
3402
3403                         r = message_peek_field_string(m, interface_name_is_valid, &ri, &m->interface);
3404                         break;
3405
3406                 case SD_BUS_MESSAGE_HEADER_MEMBER:
3407
3408                         if (m->member)
3409                                 return -EBADMSG;
3410
3411                         if (!streq(signature, "s"))
3412                                 return -EBADMSG;
3413
3414                         r = message_peek_field_string(m, member_name_is_valid, &ri, &m->member);
3415                         break;
3416
3417                 case SD_BUS_MESSAGE_HEADER_ERROR_NAME:
3418
3419                         if (m->error.name)
3420                                 return -EBADMSG;
3421
3422                         if (!streq(signature, "s"))
3423                                 return -EBADMSG;
3424
3425                         r = message_peek_field_string(m, error_name_is_valid, &ri, &m->error.name);
3426                         break;
3427
3428                 case SD_BUS_MESSAGE_HEADER_DESTINATION:
3429
3430                         if (m->destination)
3431                                 return -EBADMSG;
3432
3433                         if (!streq(signature, "s"))
3434                                 return -EBADMSG;
3435
3436                         r = message_peek_field_string(m, service_name_is_valid, &ri, &m->destination);
3437                         break;
3438
3439                 case SD_BUS_MESSAGE_HEADER_SENDER:
3440
3441                         if (m->sender)
3442                                 return -EBADMSG;
3443
3444                         if (!streq(signature, "s"))
3445                                 return -EBADMSG;
3446
3447                         r = message_peek_field_string(m, service_name_is_valid, &ri, &m->sender);
3448                         break;
3449
3450
3451                 case SD_BUS_MESSAGE_HEADER_SIGNATURE: {
3452                         const char *s;
3453                         char *c;
3454
3455                         if (m->root_container.signature)
3456                                 return -EBADMSG;
3457
3458                         if (!streq(signature, "g"))
3459                                 return -EBADMSG;
3460
3461                         r = message_peek_field_signature(m, &ri, &s);
3462                         if (r < 0)
3463                                 return r;
3464
3465                         c = strdup(s);
3466                         if (!c)
3467                                 return -ENOMEM;
3468
3469                         free(m->root_container.signature);
3470                         m->root_container.signature = c;
3471                         break;
3472                 }
3473
3474                 case SD_BUS_MESSAGE_HEADER_REPLY_SERIAL:
3475                         if (m->reply_serial != 0)
3476                                 return -EBADMSG;
3477
3478                         if (!streq(signature, "u"))
3479                                 return -EBADMSG;
3480
3481                         r = message_peek_field_uint32(m, &ri, &m->reply_serial);
3482                         if (r < 0)
3483                                 return r;
3484
3485                         if (m->reply_serial == 0)
3486                                 return -EBADMSG;
3487
3488                         break;
3489
3490                 case SD_BUS_MESSAGE_HEADER_UNIX_FDS:
3491                         if (unix_fds != 0)
3492                                 return -EBADMSG;
3493
3494                         if (!streq(signature, "u"))
3495                                 return -EBADMSG;
3496
3497                         r = message_peek_field_uint32(m, &ri, &unix_fds);
3498                         if (r < 0)
3499                                 return -EBADMSG;
3500
3501                         if (unix_fds == 0)
3502                                 return -EBADMSG;
3503
3504                         break;
3505
3506                 default:
3507                         r = message_skip_fields(m, &ri, (uint32_t) -1, (const char **) &signature);
3508                 }
3509
3510                 if (r < 0)
3511                         return r;
3512         }
3513
3514         if (m->n_fds != unix_fds)
3515                 return -EBADMSG;
3516
3517         if (isempty(m->root_container.signature) != (BUS_MESSAGE_BODY_SIZE(m) == 0))
3518                 return -EBADMSG;
3519
3520         switch (m->header->type) {
3521
3522         case SD_BUS_MESSAGE_TYPE_SIGNAL:
3523                 if (!m->path || !m->interface || !m->member)
3524                         return -EBADMSG;
3525                 break;
3526
3527         case SD_BUS_MESSAGE_TYPE_METHOD_CALL:
3528
3529                 if (!m->path || !m->member)
3530                         return -EBADMSG;
3531
3532                 break;
3533
3534         case SD_BUS_MESSAGE_TYPE_METHOD_RETURN:
3535
3536                 if (m->reply_serial == 0)
3537                         return -EBADMSG;
3538                 break;
3539
3540         case SD_BUS_MESSAGE_TYPE_METHOD_ERROR:
3541
3542                 if (m->reply_serial == 0 || !m->error.name)
3543                         return -EBADMSG;
3544                 break;
3545         }
3546
3547         /* Try to read the error message, but if we can't it's a non-issue */
3548         if (m->header->type == SD_BUS_MESSAGE_TYPE_METHOD_ERROR)
3549                 sd_bus_message_read(m, "s", &m->error.message);
3550
3551         return 0;
3552 }
3553
3554 int bus_message_seal(sd_bus_message *m, uint64_t serial) {
3555         int r;
3556         size_t l, a;
3557
3558         assert(m);
3559
3560         if (m->sealed)
3561                 return -EPERM;
3562
3563         if (m->n_containers > 0)
3564                 return -EBADMSG;
3565
3566         /* If there's a non-trivial signature set, then add it in here */
3567         if (!isempty(m->root_container.signature)) {
3568                 r = message_append_field_signature(m, SD_BUS_MESSAGE_HEADER_SIGNATURE, m->root_container.signature, NULL);
3569                 if (r < 0)
3570                         return r;
3571         }
3572
3573         if (m->n_fds > 0) {
3574                 r = message_append_field_uint32(m, SD_BUS_MESSAGE_HEADER_UNIX_FDS, m->n_fds);
3575                 if (r < 0)
3576                         return r;
3577         }
3578
3579         l = BUS_MESSAGE_FIELDS_SIZE(m);
3580         a = ALIGN8(l) - l;
3581
3582         if (a > 0) {
3583                 /* Add padding at the end, since we know the body
3584                  * needs to start at an 8 byte alignment. */
3585                 void *p;
3586
3587                 p = message_extend_fields(m, 1, a);
3588                 if (!p)
3589                         return -ENOMEM;
3590
3591                 memset(p, 0, a);
3592                 m->header->fields_size -= a;
3593         }
3594
3595         m->header->serial = serial;
3596         m->sealed = true;
3597
3598         return 0;
3599 }
3600
3601 int sd_bus_message_set_destination(sd_bus_message *m, const char *destination) {
3602         if (!m)
3603                 return -EINVAL;
3604         if (!destination)
3605                 return -EINVAL;
3606         if (m->sealed)
3607                 return -EPERM;
3608         if (m->destination)
3609                 return -EEXIST;
3610
3611         return message_append_field_string(m, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, destination, &m->destination);
3612 }
3613
3614 int bus_message_dump(sd_bus_message *m) {
3615         const char *u = NULL, *uu = NULL, *s = NULL;
3616         char **cmdline = NULL;
3617         unsigned level = 1;
3618         int r;
3619         uid_t owner, audit_loginuid;
3620         uint32_t audit_sessionid;
3621
3622         assert(m);
3623
3624         printf("Message %p\n"
3625                "\tn_ref=%u\n"
3626                "\tendian=%c\n"
3627                "\ttype=%i\n"
3628                "\tflags=%u\n"
3629                "\tversion=%u\n"
3630                "\tserial=%u\n"
3631                "\tfields_size=%u\n"
3632                "\tbody_size=%u\n"
3633                "\tpath=%s\n"
3634                "\tinterface=%s\n"
3635                "\tmember=%s\n"
3636                "\tdestination=%s\n"
3637                "\tsender=%s\n"
3638                "\tsignature=%s\n"
3639                "\treply_serial=%u\n"
3640                "\terror.name=%s\n"
3641                "\terror.message=%s\n"
3642                "\tsealed=%s\n",
3643                m,
3644                m->n_ref,
3645                m->header->endian,
3646                m->header->type,
3647                m->header->flags,
3648                m->header->version,
3649                BUS_MESSAGE_SERIAL(m),
3650                BUS_MESSAGE_FIELDS_SIZE(m),
3651                BUS_MESSAGE_BODY_SIZE(m),
3652                strna(m->path),
3653                strna(m->interface),
3654                strna(m->member),
3655                strna(m->destination),
3656                strna(m->sender),
3657                strna(m->root_container.signature),
3658                m->reply_serial,
3659                strna(m->error.name),
3660                strna(m->error.message),
3661                yes_no(m->sealed));
3662
3663         if (m->pid != 0)
3664                 printf("\tpid=%lu\n", (unsigned long) m->pid);
3665         if (m->tid != 0)
3666                 printf("\ttid=%lu\n", (unsigned long) m->tid);
3667         if (m->uid_valid)
3668                 printf("\tuid=%lu\n", (unsigned long) m->uid);
3669         if (m->gid_valid)
3670                 printf("\tgid=%lu\n", (unsigned long) m->gid);
3671         if (m->pid_starttime != 0)
3672                 printf("\tpid_starttime=%llu\n", (unsigned long long) m->pid_starttime);
3673         if (m->monotonic != 0)
3674                 printf("\tmonotonic=%llu\n", (unsigned long long) m->monotonic);
3675         if (m->realtime != 0)
3676                 printf("\trealtime=%llu\n", (unsigned long long) m->realtime);
3677         if (m->exe)
3678                 printf("\texe=[%s]\n", m->exe);
3679         if (m->comm)
3680                 printf("\tcomm=[%s]\n", m->comm);
3681         if (m->tid_comm)
3682                 printf("\ttid_comm=[%s]\n", m->tid_comm);
3683         if (m->label)
3684                 printf("\tlabel=[%s]\n", m->label);
3685         if (m->cgroup)
3686                 printf("\tcgroup=[%s]\n", m->cgroup);
3687
3688         sd_bus_message_get_unit(m, &u);
3689         if (u)
3690                 printf("\tunit=[%s]\n", u);
3691         sd_bus_message_get_user_unit(m, &uu);
3692         if (uu)
3693                 printf("\tuser_unit=[%s]\n", uu);
3694         sd_bus_message_get_session(m, &s);
3695         if (s)
3696                 printf("\tsession=[%s]\n", s);
3697         if (sd_bus_message_get_owner_uid(m, &owner) >= 0)
3698                 printf("\towner_uid=%lu\n", (unsigned long) owner);
3699         if (sd_bus_message_get_audit_loginuid(m, &audit_loginuid) >= 0)
3700                 printf("\taudit_loginuid=%lu\n", (unsigned long) audit_loginuid);
3701         if (sd_bus_message_get_audit_sessionid(m, &audit_sessionid) >= 0)
3702                 printf("\taudit_sessionid=%lu\n", (unsigned long) audit_sessionid);
3703
3704         printf("\tCAP_KILL=%i\n", sd_bus_message_has_effective_cap(m, 5));
3705
3706         if (sd_bus_message_get_cmdline(m, &cmdline) >= 0) {
3707                 char **c;
3708
3709                 fputs("\tcmdline=[", stdout);
3710                 STRV_FOREACH(c, cmdline) {
3711                         if (c != cmdline)
3712                                 putchar(' ');
3713
3714                         fputs(*c, stdout);
3715                 }
3716
3717                 fputs("]\n", stdout);
3718         }
3719
3720         r = sd_bus_message_rewind(m, true);
3721         if (r < 0) {
3722                 log_error("Failed to rewind: %s", strerror(-r));
3723                 return r;
3724         }
3725
3726         printf("BEGIN_MESSAGE \"%s\" {\n", strempty(m->root_container.signature));