Unix FD Passing
Lennart Poettering
mzqohf at 0pointer.de
Wed May 20 15:08:18 PDT 2009
On Wed, 20.05.09 23:34, Thiago Macieira (thiago at kde.org) wrote:
> Havoc Pennington wrote:
> >Hi,
> >
> >On Wed, May 20, 2009 at 4:39 PM, Lennart Poettering <mzqohf at 0pointer.de>
> wrote:
> >> I am not sure I fully understood your question, but I think generic
> >> demarshalling code like that wouldn't make sense anyway. Because in
> >> contrast to other fixed data types unix fds are special: you need to
> >> close() them after use.
> >
> >Hmm, I think such code does exist now though (I think the Qt bindings do
> > it?)
>
> More or less. Right now, the demarshaller code will just ignore types it
> doesn't know and print a warning. However, there's also a
> "transmarshaller" code that copies from one DBusMessage into another and I
> think that's the one you're referring to.
>
> It's basically a loop around a DBusMessageIter until it returns false: if
> the element is a basic type, it uses dbus_message_iter_get_basic and
> dbus_message_iter_append_basic. If the element is an array and its type is
> of fixed size, it uses dbus_message_iter_get_fixed_array and
> dbus_message_iter_append_fixed_array. Otherwise, it enters the element and
> recurses.
Qt should verify the types more closely before it does this. Trying to
do generic code like that is doomed to fail anyway: don't try to
generically handle data you don't understand. Simply because of
security reasons: after all this is untrusted data. You need to know
what you are touching.
> With the introduction of FD passing, this code will probably start leaking
> fds.
Yes, definitely.
Lennart
--
Lennart Poettering Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/ GnuPG 0x1A015CC4
More information about the dbus
mailing list