"DBus Embedded" - a clean break

Havoc Pennington hp at pobox.com
Thu Jan 20 12:44:56 PST 2011


Hi,

On Thu, Jan 20, 2011 at 3:31 PM, Thiago Macieira <thiago at kde.org> wrote:
> Well, if the error is in the message header, then the whole stream is broken
> and it's unrecoverable.
>
> If the error is in the message body, then it's recoverable. The message header
> has the size of the body included, but not the size of the header.

I suppose. Unless the error in the message body is caused by a bug
that messes up the expected length, for example failure to write out a
whole string.

I just see this getting into a state where you "drop messages" until
the end of time once you get confused. Why not just disconnect?
Sending a mangled message shouldn't be possible via app bugs, only
library bugs, so we ought to be able to just stomp out mangled data.
In fact I'd argue that's worked very well for years now with libdbus.

The only time people ever notice this is bad UTF-8, which _should_
(and I think now does?) get blocked by libdbus with a client-side
warning. That, and people writing their own implementations of the
protocol run into this. But they can just build a verbose version of
the bus and debug it. I don't think apps would benefit from some
attempt to ignore bugs in messages they send. It'd be worse in fact,
just a mysterious black hole instead of a disconnect.

You'd also break the current guarantee that messages always get a
reply, as long as the connection stays connected.

"liberal in what you accept" is bogus in a lot of cases, including
this one, imo. This is the kind of wooly-headed liberal thinking that
leads to being eaten.

Havoc
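
The failure mode discussed in this message, as an added example that is not part of the original post or of libdbus: a minimal strict framer for the D-Bus fixed header. When a sender bug writes fewer body bytes than the header declares, "skipping the body" swallows the start of the next message, and the receiver can only disconnect. The function names and the test frames (with an empty header-field array, enough for framing only) are constructed for illustration.

```python
import struct

MAX_MESSAGE = 1 << 27  # spec limit on total message length (128 MiB)
MAX_ARRAY = 1 << 26    # spec limit on the header-field array (64 MiB)

class ProtocolError(Exception):
    """Framing is invalid; the caller should close the connection."""

def frame_length(buf):
    """Total length of the message at buf[0:], or None if the fixed header is incomplete."""
    if len(buf) < 16:
        return None
    endian = {ord("l"): "<", ord("B"): ">"}.get(buf[0])
    if endian is None:
        raise ProtocolError("bad endianness byte 0x%02x" % buf[0])
    body_len, serial, fields_len = struct.unpack_from(endian + "III", buf, 4)
    if buf[1] == 0 or buf[3] != 1 or serial == 0:
        raise ProtocolError("invalid type, version or serial")
    if fields_len > MAX_ARRAY:
        raise ProtocolError("header field array too long")
    total = ((16 + fields_len + 7) & ~7) + body_len  # header is padded to 8
    if total > MAX_MESSAGE:
        raise ProtocolError("message too long")
    return total

def read_frames(stream):
    """Split stream into frames. Returns (frames, error); error is the reason to disconnect."""
    frames, pos = [], 0
    try:
        while pos < len(stream):
            n = frame_length(stream[pos:])
            if n is None or pos + n > len(stream):
                break  # incomplete message: wait for more bytes
            frames.append(stream[pos:pos + n])
            pos += n
    except ProtocolError as exc:
        return frames, str(exc)
    return frames, None

def message(serial, body, declared_len=None):
    """Constructed test frame: method call, empty header-field array (framing only)."""
    n = len(body) if declared_len is None else declared_len
    return struct.pack("<BBBBIII", ord("l"), 1, 0, 1, n, serial, 0) + body

# Constructed streams: message 2 declares 8 body bytes; the buggy sender writes only 5.
GOOD = message(1, b"ping") + message(2, b"12345678") + message(3, b"pong")
BUGGY = message(1, b"ping") + message(2, b"12345", declared_len=8) + message(3, b"pong")
```

In the buggy stream the second frame is returned with three bytes of the third message's header inside it, and the next read starts mid-header, so there is no boundary left to resynchronise on.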

