Escaping for paths

Havoc Pennington hp at
Wed Jun 21 15:50:04 PDT 2006

Kimmo Hämäläinen wrote:
> Yes, I guess so, but Havoc said that sending invalid messages is an
> application bug, so that validation in DBus library could go away when
> application has the means to validate the messages. Also, it could
> reduce the amount of needed function calls, when the message has many
> arguments. Not to mention that it would allow more flexible architecture
> in the application, since the caller does not need to no anything about
> the message.

The main problem with validating inside dbus_message_append_args() or 
whatever is that it would add the need for a DBusError return.

I don't think this makes sense, because we're talking about a very 
uncommon case:
  -> untrusted data used for an object path (already uncommon)
    -> wanting to _fail_ (validate) rather than _escape_ in this case
       (more uncommon still)

Essentially this only happens when a program takes a dbus object path on 
the command line, or something like that.

Other cases would be something like the "/addressbook/<URI>" example and 
then you want escaping, not validation.

So, why add the annoying DBusError return for this odd case.


More information about the dbus mailing list