Command name validation question

Havoc Pennington hp at
Thu Sep 7 18:48:49 PDT 2006

John (J5) Palmieri wrote:
> I have this marked as a 1.0 FIXME but on second glance I am not sure if
> it needs to be fixed:
> /* FIXME 1.0 we should probably validate that only the allowed
>    * chars are in the command name
>    */
>   command = lookup_command_from_name (&line);
> lookup_command_from_name just does a lookup in a table.  I thought this
> was a security issue at first but since the command itself it compared
> against valid commands we check it just seems like a small performance
> FIXME since you wouldn't have to check against the whole command table
> if the command contained an invalid character.  If that is the case I am
> going to take it of the 1.0 FIXME's and just make it a regular @todo.

I don't think there's a security problem, but it would be slightly more 
correct to validate the characters. Invalid characters would indicate a 
malicious client of some kind, since there's no reason to have invalid 
chars, while unknown commands with valid chars are allowed. IOW we would 
disconnect someone immediately on invalid chars ("not well formed") 
while on an unknown command we just report an error.

So it's not just a performance issue but I don't think it's a critical 


More information about the dbus mailing list