From 7a47f57975be0d285a2f20758e4572dca6d9cdd3 Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Wed, 13 May 2015 11:10:23 +0200
Subject: [ABRT PATCH] dbus: validate parameters of all calls
SetElement and DeleteElement were missing a check for a valid dump directory
path.
FindProblemByElementInTimeRange was not reporting invalid element names.
Related: #1214451
Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
 src/dbus/abrt-dbus.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
diff --git a/src/dbus/abrt-dbus.c b/src/dbus/abrt-dbus.c
8ec399
index bef95bd..f2f742b 100644
8ec399
--- a/src/dbus/abrt-dbus.c
8ec399
+++ b/src/dbus/abrt-dbus.c
8ec399
@@ -607,6 +607,12 @@ static void handle_method_call(GDBusConnection *connection,
8ec399
 
8ec399
         g_variant_get(parameters, "(&s&s&s)", &problem_id, &element, &value);
8ec399
 
8ec399
+        if (!allowed_problem_dir(problem_id))
8ec399
+        {
8ec399
+            return_InvalidProblemDir_error(invocation, problem_id);
8ec399
+            return;
8ec399
+        }
8ec399
+
8ec399
         if (!str_is_correct_filename(element))
8ec399
         {
8ec399
             log_notice("'%s' is not a valid element name of '%s'", element, problem_id);
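Review bot: The new rejection branch for `problem_id` returns without leaving any trace, while the `element` branch just below calls `log_notice`; unless `return_InvalidProblemDir_error` logs on its own (its body is not in this hunk), add `log_notice("'%s' is not a valid problem directory", problem_id);` before the error reply so that paths refused for a D-Bus caller show up in the log. A short comment such as `/* problem_id is caller-supplied; it must pass allowed_problem_dir() before any filesystem access */` would also record why the check has to stay first. The same applies to the identical guard in the hunk at `@@ -666,6 +672,12`. `handle_method_call` starts and ends outside these hunks, so whether the directory is later opened in a symlink-safe way cannot be judged from here.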
8ec399
@@ -666,6 +672,12 @@ static void handle_method_call(GDBusConnection *connection,
8ec399
 
8ec399
         g_variant_get(parameters, "(&s&s)", &problem_id, &element);
8ec399
 
8ec399
+        if (!allowed_problem_dir(problem_id))
8ec399
+        {
8ec399
+            return_InvalidProblemDir_error(invocation, problem_id);
8ec399
+            return;
8ec399
+        }
8ec399
+
8ec399
         if (!str_is_correct_filename(element))
8ec399
         {
8ec399
             log_notice("'%s' is not a valid element name of '%s'", element, problem_id);
8ec399
@@ -783,6 +795,18 @@ static void handle_method_call(GDBusConnection *connection,
8ec399
         g_variant_get_child(parameters, 3, "x", &timestamp_to);
8ec399
         g_variant_get_child(parameters, 4, "b", &all;;
8ec399
 
8ec399
+        if (!str_is_correct_filename(element))
8ec399
+        {
8ec399
+            log_notice("'%s' is not a valid element name", element);
8ec399
+            char *error = xasprintf(_("'%s' is not a valid element name"), element);
8ec399
+            g_dbus_method_invocation_return_dbus_error(invocation,
8ec399
+                                              "org.freedesktop.problems.InvalidElement",
8ec399
+                                              error);
8ec399
+
8ec399
+            free(error);
8ec399
+            return;
8ec399
+        }
8ec399
+
8ec399
         if (all && polkit_check_authorization_dname(caller, "org.freedesktop.problems.getall") == PolkitYes)
8ec399
             caller_uid = 0;
8ec399
 
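Review bot: The added block spells out the `InvalidElement` reply by hand, including the `xasprintf`/`free` pair, whereas the invalid-directory case elsewhere in this patch goes through `return_InvalidProblemDir_error`; a matching helper would keep the error name and message in one place and make it harder for a later call handler to omit the check. The name `return_InvalidElement_error` below is a suggestion, not an existing function, and the other `str_is_correct_filename` branches (cut off at the end of the earlier hunks) would need to be read in full before they are switched to it. `handle_method_call` continues outside the hunk.

```c
/* proposed helper, placed next to return_InvalidProblemDir_error */
static void return_InvalidElement_error(GDBusMethodInvocation *invocation, const char *element)
{
    char *error = xasprintf(_("'%s' is not a valid element name"), element);
    g_dbus_method_invocation_return_dbus_error(invocation,
                                      "org.freedesktop.problems.InvalidElement",
                                      error);
    free(error);
}

// … unchanged: g_variant_get_child() parameter extraction …
        if (!str_is_correct_filename(element))
        {
            log_notice("'%s' is not a valid element name", element);
            return_InvalidElement_error(invocation, element);
            return;
        }
// … unchanged: polkit authorization check …
```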
-- 
1.8.3.1