"DBus Embedded" - a clean break

Havoc Pennington hp at pobox.com
Thu Jan 20 11:01:51 PST 2011


2011/1/20 Rémi Denis-Courmont <remi at remlab.net>:
>> Do not do any verification is clearly faster, but is already possible
>> with a 1-line change to the current code (grep for
> Hmm... AFAIU, that would imply a change to the protocol and specification. The
> final destination namely needs to discard invalid messages instead of closing
> the entire connection.

The spec is more "should" than "must" on this point I think, it
doesn't affect interoperability, just whether your implementation is
secure against untrusted peers.

There's also two kinds of validity checked. One is well-formedness,
violations there are assumed malicious (or at least wildly
incompetent) so the connection drops. The other is higher-level
semantic problems, which result in an error reply.

it's the difference between bad xml like:
  <<p><script> a href=broken"

and bad html like:


> In real life, you will never get even close to the complete N! graph.

It does get big though, and has in empirical practice. Apps that
provide a service end up having connections to lots of other

Anyhow this could be easily quantified precisely with actual data on a
running gnome desktop.

> and if arrays had an item count in addition to a total bytes
> length.

Can't you just do bytelen/sizeof(element) ?


More information about the dbus mailing list