chiark / gitweb /
bus: unmap memfd retrieved from the memfd cache
[elogind.git] / src / libsystemd-bus / bus-message.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4   This file is part of systemd.
5
6   Copyright 2013 Lennart Poettering
7
8   systemd is free software; you can redistribute it and/or modify it
9   under the terms of the GNU Lesser General Public License as published by
10   the Free Software Foundation; either version 2.1 of the License, or
11   (at your option) any later version.
12
13   systemd is distributed in the hope that it will be useful, but
14   WITHOUT ANY WARRANTY; without even the implied warranty of
15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16   Lesser General Public License for more details.
17
18   You should have received a copy of the GNU Lesser General Public License
19   along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <sys/mman.h>
25
26 #include "util.h"
27 #include "utf8.h"
28 #include "strv.h"
29 #include "time-util.h"
30 #include "cgroup-util.h"
31
32 #include "sd-bus.h"
33 #include "bus-message.h"
34 #include "bus-internal.h"
35 #include "bus-type.h"
36 #include "bus-signature.h"
37
38 static int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored);
39
40 static void *adjust_pointer(const void *p, void *old_base, size_t sz, void *new_base) {
41
42         if (p == NULL)
43                 return NULL;
44
45         if (old_base == new_base)
46                 return (void*) p;
47
48         if ((uint8_t*) p < (uint8_t*) old_base)
49                 return (void*) p;
50
51         if ((uint8_t*) p >= (uint8_t*) old_base + sz)
52                 return (void*) p;
53
54         return (uint8_t*) new_base + ((uint8_t*) p - (uint8_t*) old_base);
55 }
56
57 static void message_free_part(sd_bus_message *m, struct bus_body_part *part) {
58         assert(m);
59         assert(part);
60
61         if (part->memfd >= 0) {
62                 /* If we can reuse the memfd, try that. For that it
63                  * can't be sealed yet. */
64
65                 if (!part->sealed)
66                         bus_kernel_push_memfd(m->bus, part->memfd, part->data, part->mapped);
67                 else {
68                         if (part->mapped > 0)
69                                 assert_se(munmap(part->data, part->mapped) == 0);
70
71                         close_nointr_nofail(part->memfd);
72                 }
73
74         } else if (part->munmap_this)
75                 munmap(part->data, part->mapped);
76         else if (part->free_this)
77                 free(part->data);
78
79         if (part != &m->body)
80                 free(part);
81 }
82
83 static void message_reset_parts(sd_bus_message *m) {
84         struct bus_body_part *part;
85
86         assert(m);
87
88         part = &m->body;
89         while (m->n_body_parts > 0) {
90                 struct bus_body_part *next = part->next;
91                 message_free_part(m, part);
92                 part = next;
93                 m->n_body_parts--;
94         }
95
96         m->body_end = NULL;
97
98         m->cached_rindex_part = NULL;
99         m->cached_rindex_part_begin = 0;
100 }
101
102 static void message_reset_containers(sd_bus_message *m) {
103         unsigned i;
104
105         assert(m);
106
107         for (i = 0; i < m->n_containers; i++)
108                 free(m->containers[i].signature);
109
110         free(m->containers);
111         m->containers = NULL;
112
113         m->n_containers = 0;
114         m->root_container.index = 0;
115 }
116
117 static void message_free(sd_bus_message *m) {
118         assert(m);
119
120         if (m->free_header)
121                 free(m->header);
122
123         message_reset_parts(m);
124
125         if (m->free_kdbus)
126                 free(m->kdbus);
127
128         if (m->release_kdbus) {
129                 uint64_t off;
130
131                 off = (uint8_t *)m->kdbus - (uint8_t *)m->bus->kdbus_buffer;
132                 ioctl(m->bus->input_fd, KDBUS_CMD_MSG_RELEASE, &off);
133         }
134
135         if (m->bus)
136                 sd_bus_unref(m->bus);
137
138         if (m->free_fds) {
139                 close_many(m->fds, m->n_fds);
140                 free(m->fds);
141         }
142
143         if (m->iovec != m->iovec_fixed)
144                 free(m->iovec);
145
146         free(m->cmdline_array);
147
148         message_reset_containers(m);
149         free(m->root_container.signature);
150
151         free(m->peeked_signature);
152
153         free(m->unit);
154         free(m->user_unit);
155         free(m->session);
156         free(m);
157 }
158
159 static void *message_extend_fields(sd_bus_message *m, size_t align, size_t sz) {
160         void *op, *np;
161         size_t old_size, new_size, start;
162
163         assert(m);
164
165         if (m->poisoned)
166                 return NULL;
167
168         old_size = sizeof(struct bus_header) + m->header->fields_size;
169         start = ALIGN_TO(old_size, align);
170         new_size = start + sz;
171
172         if (old_size == new_size)
173                 return (uint8_t*) m->header + old_size;
174
175         if (new_size > (size_t) ((uint32_t) -1))
176                 goto poison;
177
178         if (m->free_header) {
179                 np = realloc(m->header, ALIGN8(new_size));
180                 if (!np)
181                         goto poison;
182         } else {
183                 /* Initially, the header is allocated as part of of
184                  * the sd_bus_message itself, let's replace it by
185                  * dynamic data */
186
187                 np = malloc(ALIGN8(new_size));
188                 if (!np)
189                         goto poison;
190
191                 memcpy(np, m->header, sizeof(struct bus_header));
192         }
193
194         /* Zero out padding */
195         if (start > old_size)
196                 memset((uint8_t*) np + old_size, 0, start - old_size);
197
198         op = m->header;
199         m->header = np;
200         m->header->fields_size = new_size - sizeof(struct bus_header);
201
202         /* Adjust quick access pointers */
203         m->path = adjust_pointer(m->path, op, old_size, m->header);
204         m->interface = adjust_pointer(m->interface, op, old_size, m->header);
205         m->member = adjust_pointer(m->member, op, old_size, m->header);
206         m->destination = adjust_pointer(m->destination, op, old_size, m->header);
207         m->sender = adjust_pointer(m->sender, op, old_size, m->header);
208         m->error.name = adjust_pointer(m->error.name, op, old_size, m->header);
209
210         m->free_header = true;
211
212         return (uint8_t*) np + start;
213
214 poison:
215         m->poisoned = true;
216         return NULL;
217 }
218
219 static int message_append_field_string(
220                 sd_bus_message *m,
221                 uint8_t h,
222                 char type,
223                 const char *s,
224                 const char **ret) {
225
226         size_t l;
227         uint8_t *p;
228
229         assert(m);
230
231         l = strlen(s);
232         if (l > (size_t) (uint32_t) -1)
233                 return -EINVAL;
234
235         /* field id byte + signature length + signature 's' + NUL + string length + string + NUL */
236         p = message_extend_fields(m, 8, 4 + 4 + l + 1);
237         if (!p)
238                 return -ENOMEM;
239
240         p[0] = h;
241         p[1] = 1;
242         p[2] = type;
243         p[3] = 0;
244
245         ((uint32_t*) p)[1] = l;
246         memcpy(p + 8, s, l + 1);
247
248         if (ret)
249                 *ret = (char*) p + 8;
250
251         return 0;
252 }
253
254 static int message_append_field_signature(
255                 sd_bus_message *m,
256                 uint8_t h,
257                 const char *s,
258                 const char **ret) {
259
260         size_t l;
261         uint8_t *p;
262
263         assert(m);
264
265         l = strlen(s);
266         if (l > 255)
267                 return -EINVAL;
268
269         /* field id byte + signature length + signature 'g' + NUL + string length + string + NUL */
270         p = message_extend_fields(m, 8, 4 + 1 + l + 1);
271         if (!p)
272                 return -ENOMEM;
273
274         p[0] = h;
275         p[1] = 1;
276         p[2] = SD_BUS_TYPE_SIGNATURE;
277         p[3] = 0;
278         p[4] = l;
279         memcpy(p + 5, s, l + 1);
280
281         if (ret)
282                 *ret = (const char*) p + 5;
283
284         return 0;
285 }
286
287 static int message_append_field_uint32(sd_bus_message *m, uint8_t h, uint32_t x) {
288         uint8_t *p;
289
290         assert(m);
291
292         /* field id byte + signature length + signature 'u' + NUL + value */
293         p = message_extend_fields(m, 8, 4 + 4);
294         if (!p)
295                 return -ENOMEM;
296
297         p[0] = h;
298         p[1] = 1;
299         p[2] = SD_BUS_TYPE_UINT32;
300         p[3] = 0;
301
302         ((uint32_t*) p)[1] = x;
303
304         return 0;
305 }
306
307 int bus_message_from_header(
308                 void *buffer,
309                 size_t length,
310                 int *fds,
311                 unsigned n_fds,
312                 const struct ucred *ucred,
313                 const char *label,
314                 size_t extra,
315                 sd_bus_message **ret) {
316
317         sd_bus_message *m;
318         struct bus_header *h;
319         size_t a, label_sz;
320
321         assert(buffer || length <= 0);
322         assert(fds || n_fds <= 0);
323         assert(ret);
324
325         if (length < sizeof(struct bus_header))
326                 return -EBADMSG;
327
328         h = buffer;
329         if (h->version != 1)
330                 return -EBADMSG;
331
332         if (h->serial == 0)
333                 return -EBADMSG;
334
335         if (h->type == _SD_BUS_MESSAGE_TYPE_INVALID)
336                 return -EBADMSG;
337
338         if (h->endian != SD_BUS_LITTLE_ENDIAN &&
339             h->endian != SD_BUS_BIG_ENDIAN)
340                 return -EBADMSG;
341
342         a = ALIGN(sizeof(sd_bus_message)) + ALIGN(extra);
343
344         if (label) {
345                 label_sz = strlen(label);
346                 a += label_sz + 1;
347         }
348
349         m = malloc0(a);
350         if (!m)
351                 return -ENOMEM;
352
353         m->n_ref = 1;
354         m->sealed = true;
355         m->header = h;
356         m->fds = fds;
357         m->n_fds = n_fds;
358
359         if (ucred) {
360                 m->uid = ucred->uid;
361                 m->pid = ucred->pid;
362                 m->gid = ucred->gid;
363                 m->uid_valid = m->gid_valid = true;
364         }
365
366         if (label) {
367                 m->label = (char*) m + ALIGN(sizeof(sd_bus_message)) + ALIGN(extra);
368                 memcpy(m->label, label, label_sz + 1);
369         }
370
371         *ret = m;
372         return 0;
373 }
374
375 int bus_message_from_malloc(
376                 void *buffer,
377                 size_t length,
378                 int *fds,
379                 unsigned n_fds,
380                 const struct ucred *ucred,
381                 const char *label,
382                 sd_bus_message **ret) {
383
384         sd_bus_message *m;
385         int r;
386
387         r = bus_message_from_header(buffer, length, fds, n_fds, ucred, label, 0, &m);
388         if (r < 0)
389                 return r;
390
391         if (length != BUS_MESSAGE_SIZE(m)) {
392                 r = -EBADMSG;
393                 goto fail;
394         }
395
396         m->n_body_parts = 1;
397         m->body.data = (uint8_t*) buffer + sizeof(struct bus_header) + ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m));
398         m->body.size = length - sizeof(struct bus_header) - ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m));
399         m->body.sealed = true;
400         m->body.memfd = -1;
401
402         m->n_iovec = 1;
403         m->iovec = m->iovec_fixed;
404         m->iovec[0].iov_base = buffer;
405         m->iovec[0].iov_len = length;
406
407         r = bus_message_parse_fields(m);
408         if (r < 0)
409                 goto fail;
410
411         /* We take possession of the memory and fds now */
412         m->free_header = true;
413         m->free_fds = true;
414
415         *ret = m;
416         return 0;
417
418 fail:
419         message_free(m);
420         return r;
421 }
422
423 static sd_bus_message *message_new(sd_bus *bus, uint8_t type) {
424         sd_bus_message *m;
425
426         m = malloc0(ALIGN(sizeof(sd_bus_message)) + sizeof(struct bus_header));
427         if (!m)
428                 return NULL;
429
430         m->n_ref = 1;
431         m->header = (struct bus_header*) ((uint8_t*) m + ALIGN(sizeof(struct sd_bus_message)));
432         m->header->endian = SD_BUS_NATIVE_ENDIAN;
433         m->header->type = type;
434         m->header->version = bus ? bus->message_version : 1;
435         m->allow_fds = !bus || bus->can_fds || (bus->state != BUS_HELLO && bus->state != BUS_RUNNING);
436
437         if (bus)
438                 m->bus = sd_bus_ref(bus);
439
440         return m;
441 }
442
443 int sd_bus_message_new_signal(
444                 sd_bus *bus,
445                 const char *path,
446                 const char *interface,
447                 const char *member,
448                 sd_bus_message **m) {
449
450         sd_bus_message *t;
451         int r;
452
453         if (!path)
454                 return -EINVAL;
455         if (!interface)
456                 return -EINVAL;
457         if (!member)
458                 return -EINVAL;
459         if (!m)
460                 return -EINVAL;
461         if (bus && bus->state == BUS_UNSET)
462                 return -ENOTCONN;
463
464         t = message_new(bus, SD_BUS_MESSAGE_TYPE_SIGNAL);
465         if (!t)
466                 return -ENOMEM;
467
468         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
469
470         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_PATH, SD_BUS_TYPE_OBJECT_PATH, path, &t->path);
471         if (r < 0)
472                 goto fail;
473         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_INTERFACE, SD_BUS_TYPE_STRING, interface, &t->interface);
474         if (r < 0)
475                 goto fail;
476         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_MEMBER, SD_BUS_TYPE_STRING, member, &t->member);
477         if (r < 0)
478                 goto fail;
479
480         *m = t;
481         return 0;
482
483 fail:
484         sd_bus_message_unref(t);
485         return r;
486 }
487
488 int sd_bus_message_new_method_call(
489                 sd_bus *bus,
490                 const char *destination,
491                 const char *path,
492                 const char *interface,
493                 const char *member,
494                 sd_bus_message **m) {
495
496         sd_bus_message *t;
497         int r;
498
499         if (!path)
500                 return -EINVAL;
501         if (!member)
502                 return -EINVAL;
503         if (!m)
504                 return -EINVAL;
505         if (bus && bus->state == BUS_UNSET)
506                 return -ENOTCONN;
507
508         t = message_new(bus, SD_BUS_MESSAGE_TYPE_METHOD_CALL);
509         if (!t)
510                 return -ENOMEM;
511
512         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_PATH, SD_BUS_TYPE_OBJECT_PATH, path, &t->path);
513         if (r < 0)
514                 goto fail;
515         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_MEMBER, SD_BUS_TYPE_STRING, member, &t->member);
516         if (r < 0)
517                 goto fail;
518
519         if (interface) {
520                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_INTERFACE, SD_BUS_TYPE_STRING, interface, &t->interface);
521                 if (r < 0)
522                         goto fail;
523         }
524
525         if (destination) {
526                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, destination, &t->destination);
527                 if (r < 0)
528                         goto fail;
529         }
530
531         *m = t;
532         return 0;
533
534 fail:
535         message_free(t);
536         return r;
537 }
538
539 static int message_new_reply(
540                 sd_bus *bus,
541                 sd_bus_message *call,
542                 uint8_t type,
543                 sd_bus_message **m) {
544
545         sd_bus_message *t;
546         int r;
547
548         if (!call)
549                 return -EINVAL;
550         if (!call->sealed)
551                 return -EPERM;
552         if (call->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
553                 return -EINVAL;
554         if (!m)
555                 return -EINVAL;
556         if (bus && bus->state == BUS_UNSET)
557                 return -ENOTCONN;
558
559         t = message_new(bus, type);
560         if (!t)
561                 return -ENOMEM;
562
563         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
564         t->reply_serial = BUS_MESSAGE_SERIAL(call);
565
566         r = message_append_field_uint32(t, SD_BUS_MESSAGE_HEADER_REPLY_SERIAL, t->reply_serial);
567         if (r < 0)
568                 goto fail;
569
570         if (call->sender) {
571                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, call->sender, &t->destination);
572                 if (r < 0)
573                         goto fail;
574         }
575
576         t->dont_send = !!(call->header->flags & SD_BUS_MESSAGE_NO_REPLY_EXPECTED);
577
578         *m = t;
579         return 0;
580
581 fail:
582         message_free(t);
583         return r;
584 }
585
586 int sd_bus_message_new_method_return(
587                 sd_bus *bus,
588                 sd_bus_message *call,
589                 sd_bus_message **m) {
590
591         return message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_RETURN, m);
592 }
593
594 int sd_bus_message_new_method_error(
595                 sd_bus *bus,
596                 sd_bus_message *call,
597                 const sd_bus_error *e,
598                 sd_bus_message **m) {
599
600         sd_bus_message *t;
601         int r;
602
603         if (!sd_bus_error_is_set(e))
604                 return -EINVAL;
605         if (!m)
606                 return -EINVAL;
607
608         r = message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_ERROR, &t);
609         if (r < 0)
610                 return r;
611
612         r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_ERROR_NAME, SD_BUS_TYPE_STRING, e->name, &t->error.name);
613         if (r < 0)
614                 goto fail;
615
616         if (e->message) {
617                 r = message_append_basic(t, SD_BUS_TYPE_STRING, e->message, (const void**) &t->error.message);
618                 if (r < 0)
619                         goto fail;
620         }
621
622         *m = t;
623         return 0;
624
625 fail:
626         message_free(t);
627         return r;
628 }
629
630 int bus_message_new_synthetic_error(
631                 sd_bus *bus,
632                 uint64_t serial,
633                 const sd_bus_error *e,
634                 sd_bus_message **m) {
635
636         sd_bus_message *t;
637         int r;
638
639         assert(sd_bus_error_is_set(e));
640         assert(m);
641
642         t = message_new(bus, SD_BUS_MESSAGE_TYPE_METHOD_ERROR);
643         if (!t)
644                 return -ENOMEM;
645
646         t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
647         t->reply_serial = serial;
648
649         r = message_append_field_uint32(t, SD_BUS_MESSAGE_HEADER_REPLY_SERIAL, t->reply_serial);
650         if (r < 0)
651                 goto fail;
652
653         if (bus && bus->unique_name) {
654                 r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, bus->unique_name, &t->destination);
655                 if (r < 0)
656                         goto fail;
657         }
658
659         *m = t;
660         return 0;
661
662 fail:
663         message_free(t);
664         return r;
665 }
666
667 sd_bus_message* sd_bus_message_ref(sd_bus_message *m) {
668         if (!m)
669                 return NULL;
670
671         assert(m->n_ref > 0);
672         m->n_ref++;
673
674         return m;
675 }
676
677 sd_bus_message* sd_bus_message_unref(sd_bus_message *m) {
678         if (!m)
679                 return NULL;
680
681         assert(m->n_ref > 0);
682         m->n_ref--;
683
684         if (m->n_ref <= 0)
685                 message_free(m);
686
687         return NULL;
688 }
689
690 int sd_bus_message_get_type(sd_bus_message *m, uint8_t *type) {
691         if (!m)
692                 return -EINVAL;
693         if (!type)
694                 return -EINVAL;
695
696         *type = m->header->type;
697         return 0;
698 }
699
700 int sd_bus_message_get_serial(sd_bus_message *m, uint64_t *serial) {
701         if (!m)
702                 return -EINVAL;
703         if (!serial)
704                 return -EINVAL;
705         if (m->header->serial == 0)
706                 return -ENOENT;
707
708         *serial = BUS_MESSAGE_SERIAL(m);
709         return 0;
710 }
711
712 int sd_bus_message_get_reply_serial(sd_bus_message *m, uint64_t *serial) {
713         if (!m)
714                 return -EINVAL;
715         if (!serial)
716                 return -EINVAL;
717         if (m->reply_serial == 0)
718                 return -ENOENT;
719
720         *serial = m->reply_serial;
721         return 0;
722 }
723
724 int sd_bus_message_get_no_reply(sd_bus_message *m) {
725         if (!m)
726                 return -EINVAL;
727
728         return m->header->type == SD_BUS_MESSAGE_TYPE_METHOD_CALL ? !!(m->header->flags & SD_BUS_MESSAGE_NO_REPLY_EXPECTED) : 0;
729 }
730
731 const char *sd_bus_message_get_path(sd_bus_message *m) {
732         if (!m)
733                 return NULL;
734
735         return m->path;
736 }
737
738 const char *sd_bus_message_get_interface(sd_bus_message *m) {
739         if (!m)
740                 return NULL;
741
742         return m->interface;
743 }
744
745 const char *sd_bus_message_get_member(sd_bus_message *m) {
746         if (!m)
747                 return NULL;
748
749         return m->member;
750 }
751 const char *sd_bus_message_get_destination(sd_bus_message *m) {
752         if (!m)
753                 return NULL;
754
755         return m->destination;
756 }
757
758 const char *sd_bus_message_get_sender(sd_bus_message *m) {
759         if (!m)
760                 return NULL;
761
762         return m->sender;
763 }
764
765 const sd_bus_error *sd_bus_message_get_error(sd_bus_message *m) {
766         if (!m)
767                 return NULL;
768
769         if (!sd_bus_error_is_set(&m->error))
770                 return NULL;
771
772         return &m->error;
773 }
774
775 int sd_bus_message_get_uid(sd_bus_message *m, uid_t *uid) {
776         if (!m)
777                 return -EINVAL;
778         if (!uid)
779                 return -EINVAL;
780         if (!m->uid_valid)
781                 return -ESRCH;
782
783         *uid = m->uid;
784         return 0;
785 }
786
787 int sd_bus_message_get_gid(sd_bus_message *m, gid_t *gid) {
788         if (!m)
789                 return -EINVAL;
790         if (!gid)
791                 return -EINVAL;
792         if (!m->gid_valid)
793                 return -ESRCH;
794
795         *gid = m->gid;
796         return 0;
797 }
798
799 int sd_bus_message_get_pid(sd_bus_message *m, pid_t *pid) {
800         if (!m)
801                 return -EINVAL;
802         if (!pid)
803                 return -EINVAL;
804         if (m->pid <= 0)
805                 return -ESRCH;
806
807         *pid = m->pid;
808         return 0;
809 }
810
811 int sd_bus_message_get_tid(sd_bus_message *m, pid_t *tid) {
812         if (!m)
813                 return -EINVAL;
814         if (!tid)
815                 return -EINVAL;
816         if (m->tid <= 0)
817                 return -ESRCH;
818
819         *tid = m->tid;
820         return 0;
821 }
822
823 int sd_bus_message_get_pid_starttime(sd_bus_message *m, uint64_t *usec) {
824         if (!m)
825                 return -EINVAL;
826         if (!usec)
827                 return -EINVAL;
828         if (m->pid_starttime <= 0)
829                 return -ESRCH;
830
831         *usec = m->pid_starttime;
832         return 0;
833 }
834
835 int sd_bus_message_get_selinux_context(sd_bus_message *m, const char **ret) {
836         if (!m)
837                 return -EINVAL;
838         if (!m->label)
839                 return -ESRCH;
840
841         *ret = m->label;
842         return 0;
843 }
844
845 int sd_bus_message_get_monotonic_timestamp(sd_bus_message *m, uint64_t *usec) {
846         if (!m)
847                 return -EINVAL;
848         if (!usec)
849                 return -EINVAL;
850         if (m->monotonic <= 0)
851                 return -ESRCH;
852
853         *usec = m->monotonic;
854         return 0;
855 }
856
857 int sd_bus_message_get_realtime_timestamp(sd_bus_message *m, uint64_t *usec) {
858         if (!m)
859                 return -EINVAL;
860         if (!usec)
861                 return -EINVAL;
862         if (m->realtime <= 0)
863                 return -ESRCH;
864
865         *usec = m->realtime;
866         return 0;
867 }
868
869 int sd_bus_message_get_comm(sd_bus_message *m, const char **ret) {
870         if (!m)
871                 return -EINVAL;
872         if (!ret)
873                 return -EINVAL;
874         if (!m->comm)
875                 return -ESRCH;
876
877         *ret = m->comm;
878         return 0;
879 }
880
881 int sd_bus_message_get_tid_comm(sd_bus_message *m, const char **ret) {
882         if (!m)
883                 return -EINVAL;
884         if (!ret)
885                 return -EINVAL;
886         if (!m->tid_comm)
887                 return -ESRCH;
888
889         *ret = m->tid_comm;
890         return 0;
891 }
892
893 int sd_bus_message_get_exe(sd_bus_message *m, const char **ret) {
894         if (!m)
895                 return -EINVAL;
896         if (!ret)
897                 return -EINVAL;
898         if (!m->exe)
899                 return -ESRCH;
900
901         *ret = m->exe;
902         return 0;
903 }
904
905 int sd_bus_message_get_cgroup(sd_bus_message *m, const char **ret) {
906         if (!m)
907                 return -EINVAL;
908         if (!ret)
909                 return -EINVAL;
910         if (!m->cgroup)
911                 return -ESRCH;
912
913         *ret = m->cgroup;
914         return 0;
915 }
916
917 int sd_bus_message_get_unit(sd_bus_message *m, const char **ret) {
918         int r;
919
920         if (!m)
921                 return -EINVAL;
922         if (!ret)
923                 return -EINVAL;
924         if (!m->cgroup)
925                 return -ESRCH;
926
927         if (!m->unit) {
928                 r = cg_path_get_unit(m->cgroup, &m->unit);
929                 if (r < 0)
930                         return r;
931         }
932
933         *ret = m->unit;
934         return 0;
935 }
936
937 int sd_bus_message_get_user_unit(sd_bus_message *m, const char **ret) {
938         int r;
939
940         if (!m)
941                 return -EINVAL;
942         if (!ret)
943                 return -EINVAL;
944         if (!m->cgroup)
945                 return -ESRCH;
946
947         if (!m->user_unit) {
948                 r = cg_path_get_user_unit(m->cgroup, &m->user_unit);
949                 if (r < 0)
950                         return r;
951         }
952
953         *ret = m->user_unit;
954         return 0;
955 }
956
957 int sd_bus_message_get_session(sd_bus_message *m, const char **ret) {
958         int r;
959
960         if (!m)
961                 return -EINVAL;
962         if (!ret)
963                 return -EINVAL;
964         if (!m->cgroup)
965                 return -ESRCH;
966
967         if (!m->session) {
968                 r = cg_path_get_session(m->cgroup, &m->session);
969                 if (r < 0)
970                         return r;
971         }
972
973         *ret = m->session;
974         return 0;
975 }
976
977 int sd_bus_message_get_owner_uid(sd_bus_message *m, uid_t *uid) {
978         if (!m)
979                 return -EINVAL;
980         if (!uid)
981                 return -EINVAL;
982         if (!m->cgroup)
983                 return -ESRCH;
984
985         return cg_path_get_owner_uid(m->cgroup, uid);
986 }
987
988 int sd_bus_message_get_cmdline(sd_bus_message *m, char ***cmdline) {
989         size_t n, i;
990         const char *p;
991         bool first;
992
993         if (!m)
994                 return -EINVAL;
995
996         if (!m->cmdline)
997                 return -ENOENT;
998
999         for (p = m->cmdline, n = 0; p < m->cmdline + m->cmdline_length; p++)
1000                 if (*p == 0)
1001                         n++;
1002
1003         m->cmdline_array = new(char*, n + 1);
1004         if (!m->cmdline_array)
1005                 return -ENOMEM;
1006
1007         for (p = m->cmdline, i = 0, first = true; p < m->cmdline + m->cmdline_length; p++) {
1008                 if (first)
1009                         m->cmdline_array[i++] = (char*) p;
1010
1011                 first = *p == 0;
1012         }
1013
1014         m->cmdline_array[i] = NULL;
1015         *cmdline = m->cmdline_array;
1016
1017         return 0;
1018 }
1019
1020 int sd_bus_message_get_audit_sessionid(sd_bus_message *m, uint32_t *sessionid) {
1021         if (!m)
1022                 return -EINVAL;
1023         if (!sessionid)
1024                 return -EINVAL;
1025         if (!m->audit)
1026                 return -ESRCH;
1027
1028         *sessionid = m->audit->sessionid;
1029         return 0;
1030 }
1031
1032 int sd_bus_message_get_audit_loginuid(sd_bus_message *m, uid_t *uid) {
1033         if (!m)
1034                 return -EINVAL;
1035         if (!uid)
1036                 return -EINVAL;
1037         if (!m->audit)
1038                 return -ESRCH;
1039
1040         *uid = m->audit->loginuid;
1041         return 0;
1042 }
1043
1044 int sd_bus_message_has_effective_cap(sd_bus_message *m, int capability) {
1045         unsigned sz;
1046
1047         if (!m)
1048                 return -EINVAL;
1049         if (capability < 0)
1050                 return -EINVAL;
1051         if (!m->capability)
1052                 return -ESRCH;
1053
1054         sz = m->capability_size / 4;
1055         if ((unsigned) capability >= sz*8)
1056                 return 0;
1057
1058         return !!(m->capability[2 * sz + (capability / 8)] & (1 << (capability % 8)));
1059 }
1060
1061 int sd_bus_message_is_signal(sd_bus_message *m, const char *interface, const char *member) {
1062         if (!m)
1063                 return -EINVAL;
1064
1065         if (m->header->type != SD_BUS_MESSAGE_TYPE_SIGNAL)
1066                 return 0;
1067
1068         if (interface && (!m->interface || !streq(m->interface, interface)))
1069                 return 0;
1070
1071         if (member &&  (!m->member || !streq(m->member, member)))
1072                 return 0;
1073
1074         return 1;
1075 }
1076
1077 int sd_bus_message_is_method_call(sd_bus_message *m, const char *interface, const char *member) {
1078         if (!m)
1079                 return -EINVAL;
1080
1081         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
1082                 return 0;
1083
1084         if (interface && (!m->interface || !streq(m->interface, interface)))
1085                 return 0;
1086
1087         if (member &&  (!m->member || !streq(m->member, member)))
1088                 return 0;
1089
1090         return 1;
1091 }
1092
1093 int sd_bus_message_is_method_error(sd_bus_message *m, const char *name) {
1094         if (!m)
1095                 return -EINVAL;
1096
1097         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_ERROR)
1098                 return 0;
1099
1100         if (name && (!m->error.name || !streq(m->error.name, name)))
1101                 return 0;
1102
1103         return 1;
1104 }
1105
1106 int sd_bus_message_set_no_reply(sd_bus_message *m, int b) {
1107         if (!m)
1108                 return -EINVAL;
1109         if (m->sealed)
1110                 return -EPERM;
1111         if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
1112                 return -EPERM;
1113
1114         if (b)
1115                 m->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
1116         else
1117                 m->header->flags &= ~SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
1118
1119         return 0;
1120 }
1121
1122 static struct bus_container *message_get_container(sd_bus_message *m) {
1123         assert(m);
1124
1125         if (m->n_containers == 0)
1126                 return &m->root_container;
1127
1128         assert(m->containers);
1129         return m->containers + m->n_containers - 1;
1130 }
1131
1132 struct bus_body_part *message_append_part(sd_bus_message *m) {
1133         struct bus_body_part *part;
1134
1135         assert(m);
1136
1137         if (m->poisoned)
1138                 return NULL;
1139
1140         if (m->n_body_parts <= 0) {
1141                 part = &m->body;
1142                 zero(*part);
1143         } else {
1144                 assert(m->body_end);
1145
1146                 part = new0(struct bus_body_part, 1);
1147                 if (!part) {
1148                         m->poisoned = true;
1149                         return NULL;
1150                 }
1151
1152                 m->body_end->next = part;
1153         }
1154
1155         part->memfd = -1;
1156         m->body_end = part;
1157         m->n_body_parts ++;
1158
1159         return part;
1160 }
1161
1162 static void part_zero(struct bus_body_part *part, size_t sz) {
1163         assert(part);
1164         assert(sz > 0);
1165         assert(sz < 8);
1166
1167         /* All other fields can be left in their defaults */
1168         assert(!part->data);
1169         assert(part->memfd < 0);
1170
1171         part->size = sz;
1172         part->is_zero = true;
1173         part->sealed = true;
1174 }
1175
1176 static int part_make_space(
1177                 struct sd_bus_message *m,
1178                 struct bus_body_part *part,
1179                 size_t sz,
1180                 void **q) {
1181
1182         void *n;
1183         int r;
1184
1185         assert(m);
1186         assert(part);
1187         assert(!part->sealed);
1188
1189         if (m->poisoned)
1190                 return -ENOMEM;
1191
1192         if (!part->data && part->memfd < 0)
1193                 part->memfd = bus_kernel_pop_memfd(m->bus, &part->data, &part->mapped);
1194
1195         if (part->memfd >= 0) {
1196                 uint64_t u = sz;
1197
1198                 r = ioctl(part->memfd, KDBUS_CMD_MEMFD_SIZE_SET, &u);
1199                 if (r < 0) {
1200                         m->poisoned = true;
1201                         return -errno;
1202                 }
1203
1204                 if (!part->data || sz > part->mapped) {
1205                         size_t psz = PAGE_ALIGN(sz > 0 ? sz : 1);
1206
1207                         if (part->mapped <= 0)
1208                                 n = mmap(NULL, psz, PROT_READ|PROT_WRITE, MAP_SHARED, part->memfd, 0);
1209                         else
1210                                 n = mremap(part->data, part->mapped, psz, MREMAP_MAYMOVE);
1211
1212                         if (n == MAP_FAILED) {
1213                                 m->poisoned = true;
1214                                 return -errno;
1215                         }
1216
1217                         part->mapped = psz;
1218                         part->data = n;
1219                 }
1220
1221                 part->munmap_this = true;
1222         } else {
1223                 n = realloc(part->data, sz);
1224                 if (!n) {
1225                         m->poisoned = true;
1226                         return -ENOMEM;
1227                 }
1228
1229                 part->data = n;
1230                 part->free_this = true;
1231         }
1232
1233         if (q)
1234                 *q = part->data ? (uint8_t*) part->data + part->size : NULL;
1235
1236         part->size = sz;
1237         return 0;
1238 }
1239
1240 static void message_extend_containers(sd_bus_message *m, size_t expand) {
1241         struct bus_container *c;
1242
1243         assert(m);
1244
1245         if (expand <= 0)
1246                 return;
1247
1248         /* Update counters */
1249         for (c = m->containers; c < m->containers + m->n_containers; c++)
1250                 if (c->array_size)
1251                         *c->array_size += expand;
1252 }
1253
1254 static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz) {
1255         struct bus_body_part *part = NULL;
1256         size_t start_body, end_body, padding, start_part, end_part, added;
1257         bool add_new_part;
1258         void *p;
1259         int r;
1260
1261         assert(m);
1262         assert(align > 0);
1263         assert(!m->sealed);
1264
1265         if (m->poisoned)
1266                 return NULL;
1267
1268         start_body = ALIGN_TO((size_t) m->header->body_size, align);
1269         end_body = start_body + sz;
1270
1271         padding = start_body - m->header->body_size;
1272         added = padding + sz;
1273
1274         /* Check for 32bit overflows */
1275         if (end_body > (size_t) ((uint32_t) -1)) {
1276                 m->poisoned = true;
1277                 return NULL;
1278         }
1279
1280         add_new_part =
1281                 m->n_body_parts <= 0 ||
1282                 m->body_end->sealed ||
1283                 padding != ALIGN_TO(m->body_end->size, align) - m->body_end->size;
1284
1285         if (add_new_part) {
1286                 if (padding > 0) {
1287                         part = message_append_part(m);
1288                         if (!part)
1289                                 return NULL;
1290
1291                         part_zero(part, padding);
1292                 }
1293
1294                 part = message_append_part(m);
1295                 if (!part)
1296                         return NULL;
1297
1298                 r = part_make_space(m, part, sz, &p);
1299                 if (r < 0)
1300                         return NULL;
1301         } else {
1302                 struct bus_container *c;
1303                 void *op;
1304                 size_t os;
1305
1306                 part = m->body_end;
1307                 op = part->data;
1308                 os = part->size;
1309
1310                 start_part = ALIGN_TO(part->size, align);
1311                 end_part = start_part + sz;
1312
1313                 r = part_make_space(m, part, end_part, &p);
1314                 if (r < 0)
1315                         return NULL;
1316
1317                 if (padding > 0) {
1318                         memset(p, 0, padding);
1319                         p = (uint8_t*) p + padding;
1320                 }
1321
1322                 /* Readjust pointers */
1323                 for (c = m->containers; c < m->containers + m->n_containers; c++)
1324                         c->array_size = adjust_pointer(c->array_size, op, os, part->data);
1325
1326                 m->error.message = (const char*) adjust_pointer(m->error.message, op, os, part->data);
1327         }
1328
1329         m->header->body_size = end_body;
1330         message_extend_containers(m, added);
1331
1332         return p;
1333 }
1334
1335 int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored) {
1336         struct bus_container *c;
1337         ssize_t align, sz;
1338         uint32_t k;
1339         void *a;
1340         int fd = -1;
1341         uint32_t fdi = 0;
1342         int r;
1343
1344         if (!m)
1345                 return -EINVAL;
1346         if (!p)
1347                 return -EINVAL;
1348         if (m->sealed)
1349                 return -EPERM;
1350         if (!bus_type_is_basic(type))
1351                 return -EINVAL;
1352         if (m->poisoned)
1353                 return -ESTALE;
1354
1355         c = message_get_container(m);
1356
1357         if (c->signature && c->signature[c->index]) {
1358                 /* Container signature is already set */
1359
1360                 if (c->signature[c->index] != type)
1361                         return -ENXIO;
1362         } else {
1363                 char *e;
1364
1365                 /* Maybe we can append to the signature? But only if this is the top-level container*/
1366                 if (c->enclosing != 0)
1367                         return -ENXIO;
1368
1369                 e = strextend(&c->signature, CHAR_TO_STR(type), NULL);
1370                 if (!e) {
1371                         m->poisoned = true;
1372                         return -ENOMEM;
1373                 }
1374         }
1375
1376         switch (type) {
1377
1378         case SD_BUS_TYPE_STRING:
1379         case SD_BUS_TYPE_OBJECT_PATH:
1380
1381                 align = 4;
1382                 sz = 4 + strlen(p) + 1;
1383                 break;
1384
1385         case SD_BUS_TYPE_SIGNATURE:
1386
1387                 align = 1;
1388                 sz = 1 + strlen(p) + 1;
1389                 break;
1390
1391         case SD_BUS_TYPE_BOOLEAN:
1392                 align = sz = 4;
1393
1394                 assert_cc(sizeof(int) == sizeof(uint32_t));
1395                 memcpy(&k, p, 4);
1396                 k = !!k;
1397                 p = &k;
1398                 break;
1399
1400         case SD_BUS_TYPE_UNIX_FD: {
1401                 int z, *f;
1402
1403                 if (!m->allow_fds) {
1404                         r = -ENOTSUP;
1405                         goto fail;
1406                 }
1407
1408                 align = sz = 4;
1409
1410                 z = *(int*) p;
1411                 if (z < 0) {
1412                         r = -EINVAL;
1413                         goto fail;
1414                 }
1415
1416                 fd = fcntl(z, F_DUPFD_CLOEXEC, 3);
1417                 if (fd < 0) {
1418                         r = -errno;
1419                         goto fail;
1420                 }
1421
1422                 f = realloc(m->fds, sizeof(int) * (m->n_fds + 1));
1423                 if (!f) {
1424                         m->poisoned = true;
1425                         r = -ENOMEM;
1426                         goto fail;
1427                 }
1428
1429                 fdi = m->n_fds;
1430                 f[fdi] = fd;
1431                 m->fds = f;
1432                 m->free_fds = true;
1433                 break;
1434         }
1435
1436         default:
1437                 align = bus_type_get_alignment(type);
1438                 sz = bus_type_get_size(type);
1439                 break;
1440         }
1441
1442         assert(align > 0);
1443         assert(sz > 0);
1444
1445         a = message_extend_body(m, align, sz);
1446         if (!a) {
1447                 r = -ENOMEM;
1448                 goto fail;
1449         }
1450
1451         if (type == SD_BUS_TYPE_STRING || type == SD_BUS_TYPE_OBJECT_PATH) {
1452                 *(uint32_t*) a = sz - 5;
1453                 memcpy((uint8_t*) a + 4, p, sz - 4);
1454
1455                 if (stored)
1456                         *stored = (const uint8_t*) a + 4;
1457
1458         } else if (type == SD_BUS_TYPE_SIGNATURE) {
1459                 *(uint8_t*) a = sz - 1;
1460                 memcpy((uint8_t*) a + 1, p, sz - 1);
1461
1462                 if (stored)
1463                         *stored = (const uint8_t*) a + 1;
1464         } else if (type == SD_BUS_TYPE_UNIX_FD) {
1465                 *(uint32_t*) a = fdi;
1466
1467                 if (stored)
1468                         *stored = a;
1469
1470                 m->n_fds ++;
1471
1472         } else {
1473                 memcpy(a, p, sz);
1474
1475                 if (stored)
1476                         *stored = a;
1477         }
1478
1479         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1480                 c->index++;
1481
1482         return 0;
1483
1484 fail:
1485         if (fd >= 0)
1486                 close_nointr_nofail(fd);
1487
1488         return r;
1489 }
1490
1491 int sd_bus_message_append_basic(sd_bus_message *m, char type, const void *p) {
1492         return message_append_basic(m, type, p, NULL);
1493 }
1494
1495 int sd_bus_message_append_string_space(sd_bus_message *m, size_t size, char **s) {
1496         struct bus_container *c;
1497         void *a;
1498
1499         if (!m)
1500                 return -EINVAL;
1501         if (!s)
1502                 return -EINVAL;
1503         if (m->sealed)
1504                 return -EPERM;
1505         if (m->poisoned)
1506                 return -ESTALE;
1507
1508         c = message_get_container(m);
1509
1510         if (c->signature && c->signature[c->index]) {
1511                 /* Container signature is already set */
1512
1513                 if (c->signature[c->index] != SD_BUS_TYPE_STRING)
1514                         return -ENXIO;
1515         } else {
1516                 char *e;
1517
1518                 /* Maybe we can append to the signature? But only if this is the top-level container*/
1519                 if (c->enclosing != 0)
1520                         return -ENXIO;
1521
1522                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRING), NULL);
1523                 if (!e) {
1524                         m->poisoned = true;
1525                         return -ENOMEM;
1526                 }
1527         }
1528
1529         a = message_extend_body(m, 4, 4 + size + 1);
1530         if (!a)
1531                 return -ENOMEM;
1532
1533         *(uint32_t*) a = size;
1534         *s = (char*) a + 4;
1535
1536         (*s)[size] = 0;
1537
1538         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1539                 c->index++;
1540
1541         return 0;
1542 }
1543
1544 static int bus_message_open_array(
1545                 sd_bus_message *m,
1546                 struct bus_container *c,
1547                 const char *contents,
1548                 uint32_t **array_size) {
1549
1550         unsigned nindex;
1551         void *a, *op;
1552         int alignment;
1553         size_t os;
1554         struct bus_body_part *o;
1555
1556         assert(m);
1557         assert(c);
1558         assert(contents);
1559         assert(array_size);
1560
1561         if (!signature_is_single(contents))
1562                 return -EINVAL;
1563
1564         alignment = bus_type_get_alignment(contents[0]);
1565         if (alignment < 0)
1566                 return alignment;
1567
1568         if (c->signature && c->signature[c->index]) {
1569
1570                 /* Verify the existing signature */
1571
1572                 if (c->signature[c->index] != SD_BUS_TYPE_ARRAY)
1573                         return -ENXIO;
1574
1575                 if (!startswith(c->signature + c->index + 1, contents))
1576                         return -ENXIO;
1577
1578                 nindex = c->index + 1 + strlen(contents);
1579         } else {
1580                 char *e;
1581
1582                 if (c->enclosing != 0)
1583                         return -ENXIO;
1584
1585                 /* Extend the existing signature */
1586
1587                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_ARRAY), contents, NULL);
1588                 if (!e) {
1589                         m->poisoned = true;
1590                         return -ENOMEM;
1591                 }
1592
1593                 nindex = e - c->signature;
1594         }
1595
1596         a = message_extend_body(m, 4, 4);
1597         if (!a)
1598                 return -ENOMEM;
1599
1600         o = m->body_end;
1601         op = m->body_end->data;
1602         os = m->body_end->size;
1603
1604         /* Add alignment between size and first element */
1605         if (!message_extend_body(m, alignment, 0))
1606                 return -ENOMEM;
1607
1608         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1609                 c->index = nindex;
1610
1611         /* location of array size might have changed so let's readjust a */
1612         if (o == m->body_end)
1613                 a = adjust_pointer(a, op, os, m->body_end->data);
1614
1615         *(uint32_t*) a = 0;
1616         *array_size = a;
1617         return 0;
1618 }
1619
1620 static int bus_message_open_variant(
1621                 sd_bus_message *m,
1622                 struct bus_container *c,
1623                 const char *contents) {
1624
1625         size_t l;
1626         void *a;
1627
1628         assert(m);
1629         assert(c);
1630         assert(contents);
1631
1632         if (!signature_is_single(contents))
1633                 return -EINVAL;
1634
1635         if (*contents == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
1636                 return -EINVAL;
1637
1638         if (c->signature && c->signature[c->index]) {
1639
1640                 if (c->signature[c->index] != SD_BUS_TYPE_VARIANT)
1641                         return -ENXIO;
1642
1643         } else {
1644                 char *e;
1645
1646                 if (c->enclosing != 0)
1647                         return -ENXIO;
1648
1649                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_VARIANT), NULL);
1650                 if (!e) {
1651                         m->poisoned = true;
1652                         return -ENOMEM;
1653                 }
1654         }
1655
1656         l = strlen(contents);
1657         a = message_extend_body(m, 1, 1 + l + 1);
1658         if (!a)
1659                 return -ENOMEM;
1660
1661         *(uint8_t*) a = l;
1662         memcpy((uint8_t*) a + 1, contents, l + 1);
1663
1664         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1665                 c->index++;
1666
1667         return 0;
1668 }
1669
1670 static int bus_message_open_struct(
1671                 sd_bus_message *m,
1672                 struct bus_container *c,
1673                 const char *contents) {
1674
1675         size_t nindex;
1676
1677         assert(m);
1678         assert(c);
1679         assert(contents);
1680
1681         if (!signature_is_valid(contents, false))
1682                 return -EINVAL;
1683
1684         if (c->signature && c->signature[c->index]) {
1685                 size_t l;
1686
1687                 l = strlen(contents);
1688
1689                 if (c->signature[c->index] != SD_BUS_TYPE_STRUCT_BEGIN ||
1690                     !startswith(c->signature + c->index + 1, contents) ||
1691                     c->signature[c->index + 1 + l] != SD_BUS_TYPE_STRUCT_END)
1692                         return -ENXIO;
1693
1694                 nindex = c->index + 1 + l + 1;
1695         } else {
1696                 char *e;
1697
1698                 if (c->enclosing != 0)
1699                         return -ENXIO;
1700
1701                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRUCT_BEGIN), contents, CHAR_TO_STR(SD_BUS_TYPE_STRUCT_END), NULL);
1702                 if (!e) {
1703                         m->poisoned = true;
1704                         return -ENOMEM;
1705                 }
1706
1707                 nindex = e - c->signature;
1708         }
1709
1710         /* Align contents to 8 byte boundary */
1711         if (!message_extend_body(m, 8, 0))
1712                 return -ENOMEM;
1713
1714         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1715                 c->index = nindex;
1716
1717         return 0;
1718 }
1719
1720 static int bus_message_open_dict_entry(
1721                 sd_bus_message *m,
1722                 struct bus_container *c,
1723                 const char *contents) {
1724
1725         size_t nindex;
1726
1727         assert(m);
1728         assert(c);
1729         assert(contents);
1730
1731         if (!signature_is_pair(contents))
1732                 return -EINVAL;
1733
1734         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1735                 return -ENXIO;
1736
1737         if (c->signature && c->signature[c->index]) {
1738                 size_t l;
1739
1740                 l = strlen(contents);
1741
1742                 if (c->signature[c->index] != SD_BUS_TYPE_DICT_ENTRY_BEGIN ||
1743                     !startswith(c->signature + c->index + 1, contents) ||
1744                     c->signature[c->index + 1 + l] != SD_BUS_TYPE_DICT_ENTRY_END)
1745                         return -ENXIO;
1746
1747                 nindex = c->index + 1 + l + 1;
1748         } else
1749                 return -ENXIO;
1750
1751         /* Align contents to 8 byte boundary */
1752         if (!message_extend_body(m, 8, 0))
1753                 return -ENOMEM;
1754
1755         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1756                 c->index = nindex;
1757
1758         return 0;
1759 }
1760
1761 int sd_bus_message_open_container(
1762                 sd_bus_message *m,
1763                 char type,
1764                 const char *contents) {
1765
1766         struct bus_container *c, *w;
1767         uint32_t *array_size = NULL;
1768         char *signature;
1769         size_t before;
1770         int r;
1771
1772         if (!m)
1773                 return -EINVAL;
1774         if (m->sealed)
1775                 return -EPERM;
1776         if (!contents)
1777                 return -EINVAL;
1778         if (m->poisoned)
1779                 return -ESTALE;
1780
1781         /* Make sure we have space for one more container */
1782         w = realloc(m->containers, sizeof(struct bus_container) * (m->n_containers + 1));
1783         if (!w) {
1784                 m->poisoned = true;
1785                 return -ENOMEM;
1786         }
1787
1788         m->containers = w;
1789
1790         c = message_get_container(m);
1791
1792         signature = strdup(contents);
1793         if (!signature) {
1794                 m->poisoned = true;
1795                 return -ENOMEM;
1796         }
1797
1798         /* Save old index in the parent container, in case we have to
1799          * abort this container */
1800         c->saved_index = c->index;
1801         before = m->header->body_size;
1802
1803         if (type == SD_BUS_TYPE_ARRAY)
1804                 r = bus_message_open_array(m, c, contents, &array_size);
1805         else if (type == SD_BUS_TYPE_VARIANT)
1806                 r = bus_message_open_variant(m, c, contents);
1807         else if (type == SD_BUS_TYPE_STRUCT)
1808                 r = bus_message_open_struct(m, c, contents);
1809         else if (type == SD_BUS_TYPE_DICT_ENTRY)
1810                 r = bus_message_open_dict_entry(m, c, contents);
1811         else
1812                 r = -EINVAL;
1813
1814         if (r < 0) {
1815                 free(signature);
1816                 return r;
1817         }
1818
1819         /* OK, let's fill it in */
1820         w += m->n_containers++;
1821         w->enclosing = type;
1822         w->signature = signature;
1823         w->index = 0;
1824         w->array_size = array_size;
1825         w->before = before;
1826         w->begin = m->rindex;
1827
1828         return 0;
1829 }
1830
1831 int sd_bus_message_close_container(sd_bus_message *m) {
1832         struct bus_container *c;
1833
1834         if (!m)
1835                 return -EINVAL;
1836         if (m->sealed)
1837                 return -EPERM;
1838         if (m->n_containers <= 0)
1839                 return -EINVAL;
1840         if (m->poisoned)
1841                 return -ESTALE;
1842
1843         c = message_get_container(m);
1844         if (c->enclosing != SD_BUS_TYPE_ARRAY)
1845                 if (c->signature && c->signature[c->index] != 0)
1846                         return -EINVAL;
1847
1848         free(c->signature);
1849         m->n_containers--;
1850
1851         return 0;
1852 }
1853
1854 typedef struct {
1855         const char *types;
1856         unsigned n_struct;
1857         unsigned n_array;
1858 } TypeStack;
1859
1860 static int type_stack_push(TypeStack *stack, unsigned max, unsigned *i, const char *types, unsigned n_struct, unsigned n_array) {
1861         assert(stack);
1862         assert(max > 0);
1863
1864         if (*i >= max)
1865                 return -EINVAL;
1866
1867         stack[*i].types = types;
1868         stack[*i].n_struct = n_struct;
1869         stack[*i].n_array = n_array;
1870         (*i)++;
1871
1872         return 0;
1873 }
1874
1875 static int type_stack_pop(TypeStack *stack, unsigned max, unsigned *i, const char **types, unsigned *n_struct, unsigned *n_array) {
1876         assert(stack);
1877         assert(max > 0);
1878         assert(types);
1879         assert(n_struct);
1880         assert(n_array);
1881
1882         if (*i <= 0)
1883                 return 0;
1884
1885         (*i)--;
1886         *types = stack[*i].types;
1887         *n_struct = stack[*i].n_struct;
1888         *n_array = stack[*i].n_array;
1889
1890         return 1;
1891 }
1892
1893 int bus_message_append_ap(
1894                 sd_bus_message *m,
1895                 const char *types,
1896                 va_list ap) {
1897
1898         unsigned n_array, n_struct;
1899         TypeStack stack[BUS_CONTAINER_DEPTH];
1900         unsigned stack_ptr = 0;
1901         int r;
1902
1903         assert(m);
1904
1905         if (!types)
1906                 return 0;
1907
1908         n_array = (unsigned) -1;
1909         n_struct = strlen(types);
1910
1911         for (;;) {
1912                 const char *t;
1913
1914                 if (n_array == 0 || (n_array == (unsigned) -1 && n_struct == 0)) {
1915                         r = type_stack_pop(stack, ELEMENTSOF(stack), &stack_ptr, &types, &n_struct, &n_array);
1916                         if (r < 0)
1917                                 return r;
1918                         if (r == 0)
1919                                 break;
1920
1921                         r = sd_bus_message_close_container(m);
1922                         if (r < 0)
1923                                 return r;
1924
1925                         continue;
1926                 }
1927
1928                 t = types;
1929                 if (n_array != (unsigned) -1)
1930                         n_array --;
1931                 else {
1932                         types ++;
1933                         n_struct--;
1934                 }
1935
1936                 switch (*t) {
1937
1938                 case SD_BUS_TYPE_BYTE: {
1939                         uint8_t x;
1940
1941                         x = (uint8_t) va_arg(ap, int);
1942                         r = sd_bus_message_append_basic(m, *t, &x);
1943                         break;
1944                 }
1945
1946                 case SD_BUS_TYPE_BOOLEAN:
1947                 case SD_BUS_TYPE_INT32:
1948                 case SD_BUS_TYPE_UINT32:
1949                 case SD_BUS_TYPE_UNIX_FD: {
1950                         uint32_t x;
1951
1952                         /* We assume a boolean is the same as int32_t */
1953                         assert_cc(sizeof(int32_t) == sizeof(int));
1954
1955                         x = va_arg(ap, uint32_t);
1956                         r = sd_bus_message_append_basic(m, *t, &x);
1957                         break;
1958                 }
1959
1960                 case SD_BUS_TYPE_INT16:
1961                 case SD_BUS_TYPE_UINT16: {
1962                         uint16_t x;
1963
1964                         x = (uint16_t) va_arg(ap, int);
1965                         r = sd_bus_message_append_basic(m, *t, &x);
1966                         break;
1967                 }
1968
1969                 case SD_BUS_TYPE_INT64:
1970                 case SD_BUS_TYPE_UINT64:
1971                 case SD_BUS_TYPE_DOUBLE: {
1972                         uint64_t x;
1973
1974                         x = va_arg(ap, uint64_t);
1975                         r = sd_bus_message_append_basic(m, *t, &x);
1976                         break;
1977                 }
1978
1979                 case SD_BUS_TYPE_STRING:
1980                 case SD_BUS_TYPE_OBJECT_PATH:
1981                 case SD_BUS_TYPE_SIGNATURE: {
1982                         const char *x;
1983
1984                         x = va_arg(ap, const char*);
1985                         r = sd_bus_message_append_basic(m, *t, x);
1986                         break;
1987                 }
1988
1989                 case SD_BUS_TYPE_ARRAY: {
1990                         size_t k;
1991
1992                         r = signature_element_length(t + 1, &k);
1993                         if (r < 0)
1994                                 return r;
1995
1996                         {
1997                                 char s[k + 1];
1998                                 memcpy(s, t + 1, k);
1999                                 s[k] = 0;
2000
2001                                 r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, s);
2002                                 if (r < 0)
2003                                         return r;
2004                         }
2005
2006                         if (n_array == (unsigned) -1) {
2007                                 types += k;
2008                                 n_struct -= k;
2009                         }
2010
2011                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2012                         if (r < 0)
2013                                 return r;
2014
2015                         types = t + 1;
2016                         n_struct = k;
2017                         n_array = va_arg(ap, unsigned);
2018
2019                         break;
2020                 }
2021
2022                 case SD_BUS_TYPE_VARIANT: {
2023                         const char *s;
2024
2025                         s = va_arg(ap, const char*);
2026                         if (!s)
2027                                 return -EINVAL;
2028
2029                         r = sd_bus_message_open_container(m, SD_BUS_TYPE_VARIANT, s);
2030                         if (r < 0)
2031                                 return r;
2032
2033                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2034                         if (r < 0)
2035                                 return r;
2036
2037                         types = s;
2038                         n_struct = strlen(s);
2039                         n_array = (unsigned) -1;
2040
2041                         break;
2042                 }
2043
2044                 case SD_BUS_TYPE_STRUCT_BEGIN:
2045                 case SD_BUS_TYPE_DICT_ENTRY_BEGIN: {
2046                         size_t k;
2047
2048                         r = signature_element_length(t, &k);
2049                         if (r < 0)
2050                                 return r;
2051
2052                         {
2053                                 char s[k - 1];
2054
2055                                 memcpy(s, t + 1, k - 2);
2056                                 s[k - 2] = 0;
2057
2058                                 r = sd_bus_message_open_container(m, *t == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY, s);
2059                                 if (r < 0)
2060                                         return r;
2061                         }
2062
2063                         if (n_array == (unsigned) -1) {
2064                                 types += k - 1;
2065                                 n_struct -= k - 1;
2066                         }
2067
2068                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
2069                         if (r < 0)
2070                                 return r;
2071
2072                         types = t + 1;
2073                         n_struct = k - 2;
2074                         n_array = (unsigned) -1;
2075
2076                         break;
2077                 }
2078
2079                 default:
2080                         r = -EINVAL;
2081                 }
2082
2083                 if (r < 0)
2084                         return r;
2085         }
2086
2087         return 0;
2088 }
2089
2090 int sd_bus_message_append(sd_bus_message *m, const char *types, ...) {
2091         va_list ap;
2092         int r;
2093
2094         if (!m)
2095                 return -EINVAL;
2096         if (m->sealed)
2097                 return -EPERM;
2098         if (m->poisoned)
2099                 return -ESTALE;
2100         if (!types)
2101                 return 0;
2102
2103         va_start(ap, types);
2104         r = bus_message_append_ap(m, types, ap);
2105         va_end(ap);
2106
2107         return r;
2108 }
2109
2110 int sd_bus_message_append_array_space(sd_bus_message *m, char type, size_t size, void **ptr) {
2111         ssize_t align, sz;
2112         void *a;
2113         int r;
2114
2115         if (!m)
2116                 return -EINVAL;
2117         if (m->sealed)
2118                 return -EPERM;
2119         if (!bus_type_is_trivial(type))
2120                 return -EINVAL;
2121         if (!ptr && size > 0)
2122                 return -EINVAL;
2123         if (m->poisoned)
2124                 return -ESTALE;
2125
2126         align = bus_type_get_alignment(type);
2127         sz = bus_type_get_size(type);
2128
2129         assert_se(align > 0);
2130         assert_se(sz > 0);
2131
2132         if (size % sz != 0)
2133                 return -EINVAL;
2134
2135         r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
2136         if (r < 0)
2137                 return r;
2138
2139         a = message_extend_body(m, align, size);
2140         if (!a)
2141                 return -ENOMEM;
2142
2143         r = sd_bus_message_close_container(m);
2144         if (r < 0)
2145                 return r;
2146
2147         *ptr = a;
2148         return 0;
2149 }
2150
2151 int sd_bus_message_append_array(sd_bus_message *m, char type, const void *ptr, size_t size) {
2152         int r;
2153         void *p;
2154
2155         if (!ptr && size > 0)
2156                 return -EINVAL;
2157
2158         r = sd_bus_message_append_array_space(m, type, size, &p);
2159         if (r < 0)
2160                 return r;
2161
2162         if (size > 0)
2163                 memcpy(p, ptr, size);
2164
2165         return 0;
2166 }
2167
2168 int sd_bus_message_append_array_memfd(sd_bus_message *m, char type, sd_memfd *memfd) {
2169         _cleanup_close_ int copy_fd = -1;
2170         struct bus_body_part *part;
2171         ssize_t align, sz;
2172         uint64_t size;
2173         void *a;
2174         int r;
2175
2176         if (!m)
2177                 return -EINVAL;
2178         if (!memfd)
2179                 return -EINVAL;
2180         if (m->sealed)
2181                 return -EPERM;
2182         if (!bus_type_is_trivial(type))
2183                 return -EINVAL;
2184         if (m->poisoned)
2185                 return -ESTALE;
2186
2187         r = sd_memfd_set_sealed(memfd, true);
2188         if (r < 0)
2189                 return r;
2190
2191         copy_fd = sd_memfd_dup_fd(memfd);
2192         if (copy_fd < 0)
2193                 return copy_fd;
2194
2195         r = sd_memfd_get_size(memfd, &size);
2196         if (r < 0)
2197                 return r;
2198
2199         align = bus_type_get_alignment(type);
2200         sz = bus_type_get_size(type);
2201
2202         assert_se(align > 0);
2203         assert_se(sz > 0);
2204
2205         if (size % sz != 0)
2206                 return -EINVAL;
2207
2208         if (size > (uint64_t) (uint32_t) -1)
2209                 return -EINVAL;
2210
2211         r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
2212         if (r < 0)
2213                 return r;
2214
2215         a = message_extend_body(m, align, 0);
2216         if (!a)
2217                 return -ENOMEM;
2218
2219         part = message_append_part(m);
2220         if (!part)
2221                 return -ENOMEM;
2222
2223         part->memfd = copy_fd;
2224         part->sealed = true;
2225         part->size = size;
2226         copy_fd = -1;
2227
2228         message_extend_containers(m, size);
2229         m->header->body_size += size;
2230
2231         return sd_bus_message_close_container(m);
2232 }
2233
2234 int sd_bus_message_append_string_memfd(sd_bus_message *m, sd_memfd *memfd) {
2235         _cleanup_close_ int copy_fd = -1;
2236         struct bus_body_part *part;
2237         struct bus_container *c;
2238         uint64_t size;
2239         void *a;
2240         int r;
2241
2242         if (!m)
2243                 return -EINVAL;
2244         if (!memfd)
2245                 return -EINVAL;
2246         if (m->sealed)
2247                 return -EPERM;
2248         if (m->poisoned)
2249                 return -ESTALE;
2250
2251         r = sd_memfd_set_sealed(memfd, true);
2252         if (r < 0)
2253                 return r;
2254
2255         copy_fd = sd_memfd_dup_fd(memfd);
2256         if (copy_fd < 0)
2257                 return copy_fd;
2258
2259         r = sd_memfd_get_size(memfd, &size);
2260         if (r < 0)
2261                 return r;
2262
2263         /* We require this to be NUL terminated */
2264         if (size == 0)
2265                 return -EINVAL;
2266
2267         if (size > (uint64_t) (uint32_t) -1)
2268                 return -EINVAL;
2269
2270         c = message_get_container(m);
2271         if (c->signature && c->signature[c->index]) {
2272                 /* Container signature is already set */
2273
2274                 if (c->signature[c->index] != SD_BUS_TYPE_STRING)
2275                         return -ENXIO;
2276         } else {
2277                 char *e;
2278
2279                 /* Maybe we can append to the signature? But only if this is the top-level container*/
2280                 if (c->enclosing != 0)
2281                         return -ENXIO;
2282
2283                 e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRING), NULL);
2284                 if (!e) {
2285                         m->poisoned = true;
2286                         return -ENOMEM;
2287                 }
2288         }
2289
2290         a = message_extend_body(m, 4, 4);
2291         if (!a)
2292                 return -ENOMEM;
2293
2294         *(uint32_t*) a = size - 1;
2295
2296         part = message_append_part(m);
2297         if (!part)
2298                 return -ENOMEM;
2299
2300         part->memfd = copy_fd;
2301         part->sealed = true;
2302         part->size = size;
2303         copy_fd = -1;
2304
2305         message_extend_containers(m, size);
2306         m->header->body_size += size;
2307
2308         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2309                 c->index++;
2310
2311         return 0;
2312 }
2313
2314 int bus_body_part_map(struct bus_body_part *part) {
2315         void *p;
2316         size_t psz;
2317
2318         assert_se(part);
2319
2320         if (part->data)
2321                 return 0;
2322
2323         if (part->size <= 0)
2324                 return 0;
2325
2326         /* For smaller zero parts (as used for padding) we don't need to map anything... */
2327         if (part->memfd < 0 && part->is_zero && part->size < 8) {
2328                 static const uint8_t zeroes[7] = { };
2329                 part->data = (void*) zeroes;
2330                 return 0;
2331         }
2332
2333         psz = PAGE_ALIGN(part->size);
2334
2335         if (part->memfd >= 0)
2336                 p = mmap(NULL, psz, PROT_READ, MAP_SHARED, part->memfd, 0);
2337         else if (part->is_zero)
2338                 p = mmap(NULL, psz, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
2339         else
2340                 return -EINVAL;
2341
2342         if (p == MAP_FAILED)
2343                 return -errno;
2344
2345         part->mapped = psz;
2346         part->data = p;
2347         part->munmap_this = true;
2348
2349         return 0;
2350 }
2351
2352 void bus_body_part_unmap(struct bus_body_part *part) {
2353
2354         assert_se(part);
2355
2356         if (part->memfd < 0)
2357                 return;
2358
2359         if (!part->data)
2360                 return;
2361
2362         if (!part->munmap_this)
2363                 return;
2364
2365         assert_se(munmap(part->data, part->mapped) == 0);
2366
2367         part->data = NULL;
2368         part->mapped = 0;
2369         part->munmap_this = false;
2370
2371         return;
2372 }
2373
2374 static int buffer_peek(const void *p, uint32_t sz, size_t *rindex, size_t align, size_t nbytes, void **r) {
2375         size_t k, start, end;
2376
2377         assert(rindex);
2378         assert(align > 0);
2379
2380         start = ALIGN_TO((size_t) *rindex, align);
2381         end = start + nbytes;
2382
2383         if (end > sz)
2384                 return -EBADMSG;
2385
2386         /* Verify that padding is 0 */
2387         for (k = *rindex; k < start; k++)
2388                 if (((const uint8_t*) p)[k] != 0)
2389                         return -EBADMSG;
2390
2391         if (r)
2392                 *r = (uint8_t*) p + start;
2393
2394         *rindex = end;
2395
2396         return 1;
2397 }
2398
2399 static bool message_end_of_array(sd_bus_message *m, size_t index) {
2400         struct bus_container *c;
2401
2402         assert(m);
2403
2404         c = message_get_container(m);
2405         if (!c->array_size)
2406                 return false;
2407
2408         return index >= c->begin + BUS_MESSAGE_BSWAP32(m, *c->array_size);
2409 }
2410
2411 static struct bus_body_part* find_part(sd_bus_message *m, size_t index, size_t sz, void **p) {
2412         struct bus_body_part *part;
2413         size_t begin;
2414         int r;
2415
2416         assert(m);
2417
2418         if (m->cached_rindex_part && index >= m->cached_rindex_part_begin) {
2419                 part = m->cached_rindex_part;
2420                 begin = m->cached_rindex_part_begin;
2421         } else {
2422                 part = &m->body;
2423                 begin = 0;
2424         }
2425
2426         while (part) {
2427                 if (index < begin)
2428                         return NULL;
2429
2430                 if (index + sz <= begin + part->size) {
2431
2432                         r = bus_body_part_map(part);
2433                         if (r < 0)
2434                                 return NULL;
2435
2436                         if (p)
2437                                 *p = (uint8_t*) part->data + index - begin;
2438
2439                         m->cached_rindex_part = part;
2440                         m->cached_rindex_part_begin = begin;
2441
2442                         return part;
2443                 }
2444
2445                 begin += part->size;
2446                 part = part->next;
2447         }
2448
2449         return NULL;
2450 }
2451
2452 static int message_peek_body(
2453                 sd_bus_message *m,
2454                 size_t *rindex,
2455                 size_t align,
2456                 size_t nbytes,
2457                 void **ret) {
2458
2459         size_t k, start, end, padding;
2460         struct bus_body_part *part;
2461         uint8_t *q;
2462
2463         assert(m);
2464         assert(rindex);
2465         assert(align > 0);
2466
2467         if (message_end_of_array(m, *rindex))
2468                 return 0;
2469
2470         start = ALIGN_TO((size_t) *rindex, align);
2471         padding = start - *rindex;
2472         end = start + nbytes;
2473
2474         if (end > BUS_MESSAGE_BODY_SIZE(m))
2475                 return -EBADMSG;
2476
2477         part = find_part(m, *rindex, padding, (void**) &q);
2478         if (!part)
2479                 return -EBADMSG;
2480
2481         if (q) {
2482                 /* Verify padding */
2483                 for (k = 0; k < padding; k++)
2484                         if (q[k] != 0)
2485                                 return -EBADMSG;
2486         }
2487
2488         part = find_part(m, start, nbytes, (void**) &q);
2489         if (!part || !q)
2490                 return -EBADMSG;
2491
2492         *rindex = end;
2493
2494         if (ret)
2495                 *ret = q;
2496
2497         return 1;
2498 }
2499
2500 static bool validate_nul(const char *s, size_t l) {
2501
2502         /* Check for NUL chars in the string */
2503         if (memchr(s, 0, l))
2504                 return false;
2505
2506         /* Check for NUL termination */
2507         if (s[l] != 0)
2508                 return false;
2509
2510         return true;
2511 }
2512
2513 static bool validate_string(const char *s, size_t l) {
2514
2515         if (!validate_nul(s, l))
2516                 return false;
2517
2518         /* Check if valid UTF8 */
2519         if (!utf8_is_valid(s))
2520                 return false;
2521
2522         return true;
2523 }
2524
2525 static bool validate_signature(const char *s, size_t l) {
2526
2527         if (!validate_nul(s, l))
2528                 return false;
2529
2530         /* Check if valid signature */
2531         if (!signature_is_valid(s, true))
2532                 return false;
2533
2534         return true;
2535 }
2536
2537 static bool validate_object_path(const char *s, size_t l) {
2538
2539         if (!validate_nul(s, l))
2540                 return false;
2541
2542         if (!object_path_is_valid(s))
2543                 return false;
2544
2545         return true;
2546 }
2547
2548 int sd_bus_message_read_basic(sd_bus_message *m, char type, void *p) {
2549         struct bus_container *c;
2550         int r;
2551         void *q;
2552
2553         if (!m)
2554                 return -EINVAL;
2555         if (!m->sealed)
2556                 return -EPERM;
2557         if (!bus_type_is_basic(type))
2558                 return -EINVAL;
2559         if (!p)
2560                 return -EINVAL;
2561
2562         c = message_get_container(m);
2563
2564         if (!c->signature || c->signature[c->index] == 0)
2565                 return 0;
2566
2567         if (c->signature[c->index] != type)
2568                 return -ENXIO;
2569
2570         switch (type) {
2571
2572         case SD_BUS_TYPE_STRING:
2573         case SD_BUS_TYPE_OBJECT_PATH: {
2574                 uint32_t l;
2575                 size_t rindex;
2576
2577                 rindex = m->rindex;
2578                 r = message_peek_body(m, &rindex, 4, 4, &q);
2579                 if (r <= 0)
2580                         return r;
2581
2582                 l = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2583                 r = message_peek_body(m, &rindex, 1, l+1, &q);
2584                 if (r < 0)
2585                         return r;
2586                 if (r == 0)
2587                         return -EBADMSG;
2588
2589                 if (type == SD_BUS_TYPE_OBJECT_PATH) {
2590                         if (!validate_object_path(q, l))
2591                                 return -EBADMSG;
2592                 } else {
2593                         if (!validate_string(q, l))
2594                                 return -EBADMSG;
2595                 }
2596
2597                 m->rindex = rindex;
2598                 *(const char**) p = q;
2599                 break;
2600         }
2601
2602         case SD_BUS_TYPE_SIGNATURE: {
2603                 uint8_t l;
2604                 size_t rindex;
2605
2606                 rindex = m->rindex;
2607                 r = message_peek_body(m, &rindex, 1, 1, &q);
2608                 if (r <= 0)
2609                         return r;
2610
2611                 l = *(uint8_t*) q;
2612                 r = message_peek_body(m, &rindex, 1, l+1, &q);
2613                 if (r < 0)
2614                         return r;
2615                 if (r == 0)
2616                         return -EBADMSG;
2617
2618                 if (!validate_signature(q, l))
2619                         return -EBADMSG;
2620
2621                 m->rindex = rindex;
2622                 *(const char**) p = q;
2623                 break;
2624         }
2625
2626         default: {
2627                 ssize_t sz, align;
2628                 size_t rindex;
2629
2630                 align = bus_type_get_alignment(type);
2631                 sz = bus_type_get_size(type);
2632                 assert(align > 0 && sz > 0);
2633
2634                 rindex = m->rindex;
2635                 r = message_peek_body(m, &rindex, align, sz, &q);
2636                 if (r <= 0)
2637                         return r;
2638
2639                 switch (type) {
2640
2641                 case SD_BUS_TYPE_BYTE:
2642                         *(uint8_t*) p = *(uint8_t*) q;
2643                         break;
2644
2645                 case SD_BUS_TYPE_BOOLEAN:
2646                         *(int*) p = !!*(uint32_t*) q;
2647                         break;
2648
2649                 case SD_BUS_TYPE_INT16:
2650                 case SD_BUS_TYPE_UINT16:
2651                         *(uint16_t*) p = BUS_MESSAGE_BSWAP16(m, *(uint16_t*) q);
2652                         break;
2653
2654                 case SD_BUS_TYPE_INT32:
2655                 case SD_BUS_TYPE_UINT32:
2656                         *(uint32_t*) p = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2657                         break;
2658
2659                 case SD_BUS_TYPE_INT64:
2660                 case SD_BUS_TYPE_UINT64:
2661                 case SD_BUS_TYPE_DOUBLE:
2662                         *(uint64_t*) p = BUS_MESSAGE_BSWAP64(m, *(uint64_t*) q);
2663                         break;
2664
2665                 case SD_BUS_TYPE_UNIX_FD: {
2666                         uint32_t j;
2667
2668                         j = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
2669                         if (j >= m->n_fds)
2670                                 return -EBADMSG;
2671
2672                         *(int*) p = m->fds[j];
2673                         break;
2674                 }
2675
2676                 default:
2677                         assert_not_reached("Unknown basic type...");
2678                 }
2679
2680                 m->rindex = rindex;
2681
2682                 break;
2683         }
2684         }
2685
2686         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2687                 c->index++;
2688
2689         return 1;
2690 }
2691
2692 static int bus_message_enter_array(
2693                 sd_bus_message *m,
2694                 struct bus_container *c,
2695                 const char *contents,
2696                 uint32_t **array_size) {
2697
2698         size_t rindex;
2699         void *q;
2700         int r, alignment;
2701
2702         assert(m);
2703         assert(c);
2704         assert(contents);
2705         assert(array_size);
2706
2707         if (!signature_is_single(contents))
2708                 return -EINVAL;
2709
2710         alignment = bus_type_get_alignment(contents[0]);
2711         if (alignment < 0)
2712                 return alignment;
2713
2714         if (!c->signature || c->signature[c->index] == 0)
2715                 return 0;
2716
2717         if (c->signature[c->index] != SD_BUS_TYPE_ARRAY)
2718                 return -ENXIO;
2719
2720         if (!startswith(c->signature + c->index + 1, contents))
2721                 return -ENXIO;
2722
2723         rindex = m->rindex;
2724         r = message_peek_body(m, &rindex, 4, 4, &q);
2725         if (r <= 0)
2726                 return r;
2727
2728         if (BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q) > BUS_ARRAY_MAX_SIZE)
2729                 return -EBADMSG;
2730
2731         r = message_peek_body(m, &rindex, alignment, 0, NULL);
2732         if (r < 0)
2733                 return r;
2734         if (r == 0)
2735                 return -EBADMSG;
2736
2737         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2738                 c->index += 1 + strlen(contents);
2739
2740         m->rindex = rindex;
2741
2742         *array_size = (uint32_t*) q;
2743
2744         return 1;
2745 }
2746
2747 static int bus_message_enter_variant(
2748                 sd_bus_message *m,
2749                 struct bus_container *c,
2750                 const char *contents) {
2751
2752         size_t rindex;
2753         uint8_t l;
2754         void *q;
2755         int r;
2756
2757         assert(m);
2758         assert(c);
2759         assert(contents);
2760
2761         if (!signature_is_single(contents))
2762                 return -EINVAL;
2763
2764         if (*contents == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
2765                 return -EINVAL;
2766
2767         if (!c->signature || c->signature[c->index] == 0)
2768                 return 0;
2769
2770         if (c->signature[c->index] != SD_BUS_TYPE_VARIANT)
2771                 return -ENXIO;
2772
2773         rindex = m->rindex;
2774         r = message_peek_body(m, &rindex, 1, 1, &q);
2775         if (r <= 0)
2776                 return r;
2777
2778         l = *(uint8_t*) q;
2779         r = message_peek_body(m, &rindex, 1, l+1, &q);
2780         if (r < 0)
2781                 return r;
2782         if (r == 0)
2783                 return -EBADMSG;
2784
2785         if (!validate_signature(q, l))
2786                 return -EBADMSG;
2787
2788         if (!streq(q, contents))
2789                 return -ENXIO;
2790
2791         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2792                 c->index++;
2793
2794         m->rindex = rindex;
2795
2796         return 1;
2797 }
2798
2799 static int bus_message_enter_struct(
2800                 sd_bus_message *m,
2801                 struct bus_container *c,
2802                 const char *contents) {
2803
2804         size_t l;
2805         int r;
2806
2807         assert(m);
2808         assert(c);
2809         assert(contents);
2810
2811         if (!signature_is_valid(contents, false))
2812                 return -EINVAL;
2813
2814         if (!c->signature || c->signature[c->index] == 0)
2815                 return 0;
2816
2817         l = strlen(contents);
2818
2819         if (c->signature[c->index] != SD_BUS_TYPE_STRUCT_BEGIN ||
2820             !startswith(c->signature + c->index + 1, contents) ||
2821             c->signature[c->index + 1 + l] != SD_BUS_TYPE_STRUCT_END)
2822                 return -ENXIO;
2823
2824         r = message_peek_body(m, &m->rindex, 8, 0, NULL);
2825         if (r <= 0)
2826                 return r;
2827
2828         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2829                 c->index += 1 + l + 1;
2830
2831         return 1;
2832 }
2833
2834 static int bus_message_enter_dict_entry(
2835                 sd_bus_message *m,
2836                 struct bus_container *c,
2837                 const char *contents) {
2838
2839         size_t l;
2840         int r;
2841
2842         assert(m);
2843         assert(c);
2844         assert(contents);
2845
2846         if (!signature_is_pair(contents))
2847                 return -EINVAL;
2848
2849         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2850                 return -ENXIO;
2851
2852         if (!c->signature || c->signature[c->index] == 0)
2853                 return 0;
2854
2855         l = strlen(contents);
2856
2857         if (c->signature[c->index] != SD_BUS_TYPE_DICT_ENTRY_BEGIN ||
2858             !startswith(c->signature + c->index + 1, contents) ||
2859             c->signature[c->index + 1 + l] != SD_BUS_TYPE_DICT_ENTRY_END)
2860                 return -ENXIO;
2861
2862         r = message_peek_body(m, &m->rindex, 8, 0, NULL);
2863         if (r <= 0)
2864                 return r;
2865
2866         if (c->enclosing != SD_BUS_TYPE_ARRAY)
2867                 c->index += 1 + l + 1;
2868
2869         return 1;
2870 }
2871
2872 int sd_bus_message_enter_container(sd_bus_message *m, char type, const char *contents) {
2873         struct bus_container *c, *w;
2874         uint32_t *array_size = NULL;
2875         char *signature;
2876         size_t before;
2877         int r;
2878
2879         if (!m)
2880                 return -EINVAL;
2881         if (!m->sealed)
2882                 return -EPERM;
2883         if (!contents)
2884                 return -EINVAL;
2885
2886         /*
2887          * We enforce a global limit on container depth, that is much
2888          * higher than the 32 structs and 32 arrays the specification
2889          * mandates. This is simpler to implement for us, and we need
2890          * this only to ensure our container array doesn't grow
2891          * without bounds. We are happy to return any data from a
2892          * message as long as the data itself is valid, even if the
2893          * overall message might be not.
2894          *
2895          * Note that the message signature is validated when
2896          * parsing the headers, and that validation does check the
2897          * 32/32 limit.
2898          *
2899          * Note that the specification defines no limits on the depth
2900          * of stacked variants, but we do.
2901          */
2902         if (m->n_containers >= BUS_CONTAINER_DEPTH)
2903                 return -EBADMSG;
2904
2905         w = realloc(m->containers, sizeof(struct bus_container) * (m->n_containers + 1));
2906         if (!w)
2907                 return -ENOMEM;
2908         m->containers = w;
2909
2910         c = message_get_container(m);
2911
2912         if (!c->signature || c->signature[c->index] == 0)
2913                 return 0;
2914
2915         signature = strdup(contents);
2916         if (!signature)
2917                 return -ENOMEM;
2918
2919         c->saved_index = c->index;
2920         before = m->rindex;
2921
2922         if (type == SD_BUS_TYPE_ARRAY)
2923                 r = bus_message_enter_array(m, c, contents, &array_size);
2924         else if (type == SD_BUS_TYPE_VARIANT)
2925                 r = bus_message_enter_variant(m, c, contents);
2926         else if (type == SD_BUS_TYPE_STRUCT)
2927                 r = bus_message_enter_struct(m, c, contents);
2928         else if (type == SD_BUS_TYPE_DICT_ENTRY)
2929                 r = bus_message_enter_dict_entry(m, c, contents);
2930         else
2931                 r = -EINVAL;
2932
2933         if (r <= 0) {
2934                 free(signature);
2935                 return r;
2936         }
2937
2938         /* OK, let's fill it in */
2939         w += m->n_containers++;
2940         w->enclosing = type;
2941         w->signature = signature;
2942         w->index = 0;
2943         w->array_size = array_size;
2944         w->before = before;
2945         w->begin = m->rindex;
2946
2947         return 1;
2948 }
2949
2950 int sd_bus_message_exit_container(sd_bus_message *m) {
2951         struct bus_container *c;
2952
2953         if (!m)
2954                 return -EINVAL;
2955         if (!m->sealed)
2956                 return -EPERM;
2957         if (m->n_containers <= 0)
2958                 return -EINVAL;
2959
2960         c = message_get_container(m);
2961         if (c->enclosing == SD_BUS_TYPE_ARRAY) {
2962                 uint32_t l;
2963
2964                 l = BUS_MESSAGE_BSWAP32(m, *c->array_size);
2965                 if (c->begin + l != m->rindex)
2966                         return -EBUSY;
2967
2968         } else {
2969                 if (c->signature && c->signature[c->index] != 0)
2970                         return -EINVAL;
2971         }
2972
2973         free(c->signature);
2974         m->n_containers--;
2975
2976         return 1;
2977 }
2978
2979 static void message_quit_container(sd_bus_message *m) {
2980         struct bus_container *c;
2981
2982         assert(m);
2983         assert(m->sealed);
2984         assert(m->n_containers > 0);
2985
2986         c = message_get_container(m);
2987
2988         /* Undo seeks */
2989         assert(m->rindex >= c->before);
2990         m->rindex = c->before;
2991
2992         /* Free container */
2993         free(c->signature);
2994         m->n_containers--;
2995
2996         /* Correct index of new top-level container */
2997         c = message_get_container(m);
2998         c->index = c->saved_index;
2999 }
3000
3001 int sd_bus_message_peek_type(sd_bus_message *m, char *type, const char **contents) {
3002         struct bus_container *c;
3003         int r;
3004
3005         if (!m)
3006                 return -EINVAL;
3007         if (!m->sealed)
3008                 return -EPERM;
3009
3010         c = message_get_container(m);
3011
3012         if (!c->signature || c->signature[c->index] == 0)
3013                 goto eof;
3014
3015         if (message_end_of_array(m, m->rindex))
3016                 goto eof;
3017
3018         if (bus_type_is_basic(c->signature[c->index])) {
3019                 if (contents)
3020                         *contents = NULL;
3021                 if (type)
3022                         *type = c->signature[c->index];
3023                 return 1;
3024         }
3025
3026         if (c->signature[c->index] == SD_BUS_TYPE_ARRAY) {
3027
3028                 if (contents) {
3029                         size_t l;
3030                         char *sig;
3031
3032                         r = signature_element_length(c->signature+c->index+1, &l);
3033                         if (r < 0)
3034                                 return r;
3035
3036                         assert(l >= 1);
3037
3038                         sig = strndup(c->signature + c->index + 1, l);
3039                         if (!sig)
3040                                 return -ENOMEM;
3041
3042                         free(m->peeked_signature);
3043                         m->peeked_signature = sig;
3044
3045                         *contents = sig;
3046                 }
3047
3048                 if (type)
3049                         *type = SD_BUS_TYPE_ARRAY;
3050
3051                 return 1;
3052         }
3053
3054         if (c->signature[c->index] == SD_BUS_TYPE_STRUCT_BEGIN ||
3055             c->signature[c->index] == SD_BUS_TYPE_DICT_ENTRY_BEGIN) {
3056
3057                 if (contents) {
3058                         size_t l;
3059                         char *sig;
3060
3061                         r = signature_element_length(c->signature+c->index, &l);
3062                         if (r < 0)
3063                                 return r;
3064
3065                         assert(l >= 2);
3066                         sig = strndup(c->signature + c->index + 1, l - 2);
3067                         if (!sig)
3068                                 return -ENOMEM;
3069
3070                         free(m->peeked_signature);
3071                         m->peeked_signature = sig;
3072
3073                         *contents = sig;
3074                 }
3075
3076                 if (type)
3077                         *type = c->signature[c->index] == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY;
3078
3079                 return 1;
3080         }
3081
3082         if (c->signature[c->index] == SD_BUS_TYPE_VARIANT) {
3083                 if (contents) {
3084                         size_t rindex, l;
3085                         void *q;
3086
3087                         rindex = m->rindex;
3088                         r = message_peek_body(m, &rindex, 1, 1, &q);
3089                         if (r < 0)
3090                                 return r;
3091                         if (r == 0)
3092                                 goto eof;
3093
3094                         l = *(uint8_t*) q;
3095                         r = message_peek_body(m, &rindex, 1, l+1, &q);
3096                         if (r < 0)
3097                                 return r;
3098                         if (r == 0)
3099                                 return -EBADMSG;
3100
3101                         if (!validate_signature(q, l))
3102                                 return -EBADMSG;
3103
3104                         *contents = q;
3105                 }
3106
3107                 if (type)
3108                         *type = SD_BUS_TYPE_VARIANT;
3109
3110                 return 1;
3111         }
3112
3113         return -EINVAL;
3114
3115 eof:
3116         if (type)
3117                 *type = c->enclosing;
3118         if (contents)
3119                 *contents = NULL;
3120         return 0;
3121 }
3122
3123 int sd_bus_message_rewind(sd_bus_message *m, int complete) {
3124         struct bus_container *c;
3125
3126         if (!m)
3127                 return -EINVAL;
3128         if (!m->sealed)
3129                 return -EPERM;
3130
3131         if (complete) {
3132                 message_reset_containers(m);
3133                 m->rindex = 0;
3134                 m->root_container.index = 0;
3135
3136                 c = message_get_container(m);
3137         } else {
3138                 c = message_get_container(m);
3139
3140                 c->index = 0;
3141                 m->rindex = c->begin;
3142         }
3143
3144         return !isempty(c->signature);
3145 }
3146 static int message_read_ap(
3147                 sd_bus_message *m,
3148                 const char *types,
3149                 va_list ap) {
3150
3151         unsigned n_array, n_struct;
3152         TypeStack stack[BUS_CONTAINER_DEPTH];
3153         unsigned stack_ptr = 0;
3154         int r;
3155
3156         assert(m);
3157
3158         if (!types)
3159                 return 0;
3160
3161         /* Ideally, we'd just call ourselves recursively on every
3162          * complex type. However, the state of a va_list that is
3163          * passed to a function is undefined after that function
3164          * returns. This means we need to docode the va_list linearly
3165          * in a single stackframe. We hence implement our own
3166          * home-grown stack in an array. */
3167
3168         n_array = (unsigned) -1;
3169         n_struct = strlen(types);
3170
3171         for (;;) {
3172                 const char *t;
3173
3174                 if (n_array == 0 || (n_array == (unsigned) -1 && n_struct == 0)) {
3175                         r = type_stack_pop(stack, ELEMENTSOF(stack), &stack_ptr, &types, &n_struct, &n_array);
3176                         if (r < 0)
3177                                 return r;
3178                         if (r == 0)
3179                                 break;
3180
3181                         r = sd_bus_message_exit_container(m);
3182                         if (r < 0)
3183                                 return r;
3184
3185                         continue;
3186                 }
3187
3188                 t = types;
3189                 if (n_array != (unsigned) -1)
3190                         n_array --;
3191                 else {
3192                         types ++;
3193                         n_struct--;
3194                 }
3195
3196                 switch (*t) {
3197
3198                 case SD_BUS_TYPE_BYTE:
3199                 case SD_BUS_TYPE_BOOLEAN:
3200                 case SD_BUS_TYPE_INT16:
3201                 case SD_BUS_TYPE_UINT16:
3202                 case SD_BUS_TYPE_INT32:
3203                 case SD_BUS_TYPE_UINT32:
3204                 case SD_BUS_TYPE_INT64:
3205                 case SD_BUS_TYPE_UINT64:
3206                 case SD_BUS_TYPE_DOUBLE:
3207                 case SD_BUS_TYPE_STRING:
3208                 case SD_BUS_TYPE_OBJECT_PATH:
3209                 case SD_BUS_TYPE_SIGNATURE:
3210                 case SD_BUS_TYPE_UNIX_FD: {
3211                         void *p;
3212
3213                         p = va_arg(ap, void*);
3214                         r = sd_bus_message_read_basic(m, *t, p);
3215                         if (r < 0)
3216                                 return r;
3217                         if (r == 0)
3218                                 return -ENXIO;
3219
3220                         break;
3221                 }
3222
3223                 case SD_BUS_TYPE_ARRAY: {
3224                         size_t k;
3225
3226                         r = signature_element_length(t + 1, &k);
3227                         if (r < 0)
3228                                 return r;
3229
3230                         {
3231                                 char s[k + 1];
3232                                 memcpy(s, t + 1, k);
3233                                 s[k] = 0;
3234
3235                                 r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, s);
3236                                 if (r < 0)
3237                                         return r;
3238                                 if (r == 0)
3239                                         return -ENXIO;
3240                         }
3241
3242                         if (n_array == (unsigned) -1) {
3243                                 types += k;
3244                                 n_struct -= k;
3245                         }
3246
3247                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
3248                         if (r < 0)
3249                                 return r;
3250
3251                         types = t + 1;
3252                         n_struct = k;
3253                         n_array = va_arg(ap, unsigned);
3254
3255                         break;
3256                 }
3257
3258                 case SD_BUS_TYPE_VARIANT: {
3259                         const char *s;
3260
3261                         s = va_arg(ap, const char *);
3262                         if (!s)
3263                                 return -EINVAL;
3264
3265                         r = sd_bus_message_enter_container(m, SD_BUS_TYPE_VARIANT, s);
3266                         if (r < 0)
3267                                 return r;
3268                         if (r == 0)
3269                                 return -ENXIO;
3270
3271                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
3272                         if (r < 0)
3273                                 return r;
3274
3275                         types = s;
3276                         n_struct = strlen(s);
3277                         n_array = (unsigned) -1;
3278
3279                         break;
3280                 }
3281
3282                 case SD_BUS_TYPE_STRUCT_BEGIN:
3283                 case SD_BUS_TYPE_DICT_ENTRY_BEGIN: {
3284                         size_t k;
3285
3286                         r = signature_element_length(t, &k);
3287                         if (r < 0)
3288                                 return r;
3289
3290                         {
3291                                 char s[k - 1];
3292                                 memcpy(s, t + 1, k - 2);
3293                                 s[k - 2] = 0;
3294
3295                                 r = sd_bus_message_enter_container(m, *t == SD_BUS_TYPE_STRUCT_BEGIN ? SD_BUS_TYPE_STRUCT : SD_BUS_TYPE_DICT_ENTRY, s);
3296                                 if (r < 0)
3297                                         return r;
3298                                 if (r == 0)
3299                                         return -ENXIO;
3300                         }
3301
3302                         if (n_array == (unsigned) -1) {
3303                                 types += k - 1;
3304                                 n_struct -= k - 1;
3305                         }
3306
3307                         r = type_stack_push(stack, ELEMENTSOF(stack), &stack_ptr, types, n_struct, n_array);
3308                         if (r < 0)
3309                                 return r;
3310
3311                         types = t + 1;
3312                         n_struct = k - 2;
3313                         n_array = (unsigned) -1;
3314
3315                         break;
3316                 }
3317
3318                 default:
3319                         return -EINVAL;
3320                 }
3321         }
3322
3323         return 1;
3324 }
3325
3326 int sd_bus_message_read(sd_bus_message *m, const char *types, ...) {
3327         va_list ap;
3328         int r;
3329
3330         if (!m)
3331                 return -EINVAL;
3332         if (!m->sealed)
3333                 return -EPERM;
3334         if (!types)
3335                 return -EINVAL;
3336
3337         va_start(ap, types);
3338         r = message_read_ap(m, types, ap);
3339         va_end(ap);
3340
3341         return r;
3342 }
3343
3344 int sd_bus_message_read_array(sd_bus_message *m, char type, const void **ptr, size_t *size) {
3345         struct bus_container *c;
3346         void *p;
3347         size_t sz;
3348         ssize_t align;
3349         int r;
3350
3351         if (!m)
3352                 return -EINVAL;
3353         if (!m->sealed)
3354                 return -EPERM;
3355         if (!bus_type_is_trivial(type))
3356                 return -EINVAL;
3357         if (!ptr)
3358                 return -EINVAL;
3359         if (!size)
3360                 return -EINVAL;
3361         if (BUS_MESSAGE_NEED_BSWAP(m))
3362                 return -ENOTSUP;
3363
3364         align = bus_type_get_alignment(type);
3365         if (align < 0)
3366                 return align;
3367
3368         r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
3369         if (r <= 0)
3370                 return r;
3371
3372         c = message_get_container(m);
3373         sz = BUS_MESSAGE_BSWAP32(m, *c->array_size);
3374
3375         r = message_peek_body(m, &m->rindex, align, sz, &p);
3376         if (r < 0)
3377                 goto fail;
3378         if (r == 0) {
3379                 r = -EBADMSG;
3380                 goto fail;
3381         }
3382
3383         r = sd_bus_message_exit_container(m);
3384         if (r < 0)
3385                 goto fail;
3386
3387         *ptr = (const void*) p;
3388         *size = sz;
3389
3390         return 1;
3391
3392 fail:
3393         message_quit_container(m);
3394         return r;
3395 }
3396
3397 static int message_peek_fields(
3398                 sd_bus_message *m,
3399                 size_t *rindex,
3400                 size_t align,
3401                 size_t nbytes,
3402                 void **ret) {
3403
3404         assert(m);
3405         assert(rindex);
3406         assert(align > 0);
3407
3408         return buffer_peek(BUS_MESSAGE_FIELDS(m), BUS_MESSAGE_FIELDS_SIZE(m), rindex, align, nbytes, ret);
3409 }
3410
3411 static int message_peek_field_uint32(
3412                 sd_bus_message *m,
3413                 size_t *ri,
3414                 uint32_t *ret) {
3415
3416         int r;
3417         void *q;
3418
3419         assert(m);
3420         assert(ri);
3421
3422         r = message_peek_fields(m, ri, 4, 4, &q);
3423         if (r < 0)
3424                 return r;
3425
3426         if (ret)
3427                 *ret = BUS_MESSAGE_BSWAP32(m, *(uint32_t*) q);
3428
3429         return 0;
3430 }
3431
3432 static int message_peek_field_string(
3433                 sd_bus_message *m,
3434                 bool (*validate)(const char *p),
3435                 size_t *ri,
3436                 const char **ret) {
3437
3438         uint32_t l;
3439         int r;
3440         void *q;
3441
3442         assert(m);
3443         assert(ri);
3444
3445         r = message_peek_field_uint32(m, ri, &l);
3446         if (r < 0)
3447                 return r;
3448
3449         r = message_peek_fields(m, ri, 1, l+1, &q);
3450         if (r < 0)
3451                 return r;
3452
3453         if (validate) {
3454                 if (!validate_nul(q, l))
3455                         return -EBADMSG;
3456
3457                 if (!validate(q))
3458                         return -EBADMSG;
3459         } else {
3460                 if (!validate_string(q, l))
3461                         return -EBADMSG;
3462         }
3463
3464         if (ret)
3465                 *ret = q;
3466
3467         return 0;
3468 }
3469
3470 static int message_peek_field_signature(
3471                 sd_bus_message *m,
3472                 size_t *ri,
3473                 const char **ret) {
3474
3475         size_t l;
3476         int r;
3477         void *q;
3478
3479         assert(m);
3480         assert(ri);
3481
3482         r = message_peek_fields(m, ri, 1, 1, &q);
3483         if (r < 0)
3484                 return r;
3485
3486         l = *(uint8_t*) q;
3487         r = message_peek_fields(m, ri, 1, l+1, &q);
3488         if (r < 0)
3489                 return r;
3490
3491         if (!validate_signature(q, l))
3492                 return -EBADMSG;
3493
3494         if (ret)
3495                 *ret = q;
3496
3497         return 0;
3498 }
3499
3500 static int message_skip_fields(
3501                 sd_bus_message *m,
3502                 size_t *ri,
3503                 uint32_t array_size,
3504                 const char **signature) {
3505
3506         size_t original_index;
3507         int r;
3508
3509         assert(m);
3510         assert(ri);
3511         assert(signature);
3512
3513         original_index = *ri;
3514
3515         for (;;) {
3516                 char t;
3517                 size_t l;
3518
3519                 if (array_size != (uint32_t) -1 &&
3520                     array_size <= *ri - original_index)
3521                         return 0;
3522
3523                 t = **signature;
3524                 if (!t)
3525                         return 0;
3526
3527                 if (t == SD_BUS_TYPE_STRING) {
3528
3529                         r = message_peek_field_string(m, NULL, ri, NULL);
3530                         if (r < 0)
3531                                 return r;
3532
3533                         (*signature)++;
3534
3535                 } else if (t == SD_BUS_TYPE_OBJECT_PATH) {
3536
3537                         r = message_peek_field_string(m, object_path_is_valid, ri, NULL);
3538                         if (r < 0)
3539                                 return r;
3540
3541                         (*signature)++;
3542
3543                 } else if (t == SD_BUS_TYPE_SIGNATURE) {
3544
3545                         r = message_peek_field_signature(m, ri, NULL);
3546                         if (r < 0)
3547                                 return r;
3548
3549                         (*signature)++;
3550
3551                 } else if (bus_type_is_basic(t)) {
3552                         ssize_t align, k;
3553
3554                         align = bus_type_get_alignment(t);
3555                         k = bus_type_get_size(t);
3556                         assert(align > 0 && k > 0);
3557
3558                         r = message_peek_fields(m, ri, align, k, NULL);
3559                         if (r < 0)
3560                                 return r;
3561
3562                         (*signature)++;
3563
3564                 } else if (t == SD_BUS_TYPE_ARRAY) {
3565
3566                         r = signature_element_length(*signature+1, &l);
3567                         if (r < 0)
3568                                 return r;
3569
3570                         assert(l >= 1);
3571                         {
3572                                 char sig[l-1], *s;
3573                                 uint32_t nas;
3574                                 int alignment;
3575
3576                                 strncpy(sig, *signature + 1, l-1);
3577                                 s = sig;
3578
3579                                 alignment = bus_type_get_alignment(sig[0]);
3580                                 if (alignment < 0)
3581                                         return alignment;
3582
3583                                 r = message_peek_field_uint32(m, ri, &nas);
3584                                 if (r < 0)
3585                                         return r;
3586                                 if (nas > BUS_ARRAY_MAX_SIZE)
3587                                         return -EBADMSG;
3588
3589                                 r = message_peek_fields(m, ri, alignment, 0, NULL);
3590                                 if (r < 0)
3591                                         return r;
3592
3593                                 r = message_skip_fields(m, ri, nas, (const char**) &s);
3594                                 if (r < 0)
3595                                         return r;
3596                         }
3597
3598                         (*signature) += 1 + l;
3599
3600                 } else if (t == SD_BUS_TYPE_VARIANT) {
3601                         const char *s;
3602
3603                         r = message_peek_field_signature(m, ri, &s);
3604                         if (r < 0)
3605                                 return r;
3606
3607                         r = message_skip_fields(m, ri, (uint32_t) -1, (const char**) &s);
3608                         if (r < 0)
3609                                 return r;
3610
3611                         (*signature)++;
3612
3613                 } else if (t == SD_BUS_TYPE_STRUCT ||
3614                            t == SD_BUS_TYPE_DICT_ENTRY) {
3615
3616                         r = signature_element_length(*signature, &l);
3617                         if (r < 0)
3618                                 return r;
3619
3620                         assert(l >= 2);
3621                         {
3622                                 char sig[l-1], *s;
3623                                 strncpy(sig, *signature + 1, l-1);
3624                                 s = sig;
3625
3626                                 r = message_skip_fields(m, ri, (uint32_t) -1, (const char**) &s);
3627                                 if (r < 0)
3628                                         return r;
3629                         }
3630
3631                         *signature += l;
3632                 } else
3633                         return -EINVAL;
3634         }
3635 }
3636
3637 int bus_message_parse_fields(sd_bus_message *m) {
3638         size_t ri;
3639         int r;
3640         uint32_t unix_fds = 0;
3641
3642         assert(m);
3643
3644         for (ri = 0; ri < BUS_MESSAGE_FIELDS_SIZE(m); ) {
3645                 const char *signature;
3646                 uint8_t *header;
3647
3648                 r = message_peek_fields(m, &ri, 8, 1, (void**) &header);
3649                 if (r < 0)
3650                         return r;
3651
3652                 r = message_peek_field_signature(m, &ri, &signature);
3653                 if (r < 0)
3654                         return r;
3655
3656                 switch (*header) {
3657                 case _SD_BUS_MESSAGE_HEADER_INVALID:
3658                         return -EBADMSG;
3659
3660                 case SD_BUS_MESSAGE_HEADER_PATH:
3661
3662                         if (m->path)
3663                                 return -EBADMSG;
3664
3665                         if (!streq(signature, "o"))
3666                                 return -EBADMSG;
3667
3668                         r = message_peek_field_string(m, object_path_is_valid, &ri, &m->path);
3669                         break;
3670
3671                 case SD_BUS_MESSAGE_HEADER_INTERFACE:
3672
3673                         if (m->interface)
3674                                 return -EBADMSG;
3675
3676                         if (!streq(signature, "s"))
3677                                 return -EBADMSG;
3678
3679                         r = message_peek_field_string(m, interface_name_is_valid, &ri, &m->interface);
3680                         break;
3681
3682                 case SD_BUS_MESSAGE_HEADER_MEMBER:
3683
3684                         if (m->member)
3685                                 return -EBADMSG;
3686
3687                         if (!streq(signature, "s"))
3688                                 return -EBADMSG;
3689
3690                         r = message_peek_field_string(m, member_name_is_valid, &ri, &m->member);
3691                         break;
3692
3693                 case SD_BUS_MESSAGE_HEADER_ERROR_NAME:
3694
3695                         if (m->error.name)
3696                                 return -EBADMSG;
3697
3698                         if (!streq(signature, "s"))
3699                                 return -EBADMSG;
3700
3701                         r = message_peek_field_string(m, error_name_is_valid, &ri, &m->error.name);
3702                         break;
3703
3704                 case SD_BUS_MESSAGE_HEADER_DESTINATION:
3705
3706                         if (m->destination)
3707                                 return -EBADMSG;
3708
3709                         if (!streq(signature, "s"))
3710                                 return -EBADMSG;
3711
3712                         r = message_peek_field_string(m, service_name_is_valid, &ri, &m->destination);
3713                         break;
3714
3715                 case SD_BUS_MESSAGE_HEADER_SENDER:
3716
3717                         if (m->sender)
3718                                 return -EBADMSG;
3719
3720                         if (!streq(signature, "s"))
3721                                 return -EBADMSG;
3722
3723                         r = message_peek_field_string(m, service_name_is_valid, &ri, &m->sender);
3724                         break;
3725
3726
3727                 case SD_BUS_MESSAGE_HEADER_SIGNATURE: {
3728                         const char *s;
3729                         char *c;
3730
3731                         if (m->root_container.signature)
3732                                 return -EBADMSG;
3733
3734                         if (!streq(signature, "g"))
3735                                 return -EBADMSG;
3736
3737                         r = message_peek_field_signature(m, &ri, &s);
3738                         if (r < 0)
3739                                 return r;
3740
3741                         c = strdup(s);
3742                         if (!c)
3743                                 return -ENOMEM;
3744
3745                         free(m->root_container.signature);
3746                         m->root_container.signature = c;
3747