On Mon, Jun 27, 2022 at 11:49 AM Jiri Pirko <jiri(a)resnulli.us> wrote:
Fri, Apr 15, 2022 at 05:41:39PM CEST, lucien.xin(a)gmail.com wrote:
>Using bus name without validating it will cause core dump generated,
>and it can be reproduced by:
>
> # ip link add dummy0.1 type dummy
> # teamdctl dummy0.1 state dump
>
> This is normally a bug in some application using the D-Bus library.
>
> D-Bus not built with -rdynamic so unable to print a backtrace
> Aborted (core dumped)
>
>Doing this many times can even create too many core files, customers
>may complain about it.
>
>This is triggered when calling cli_method_call("ConfigDump") in
>cli_init(), so fix it by returning err in cli->init/cli_dbus_init()
>if the bus name fails to validate.
>
>Note this is safe, as with dbus, we can't use invalid dbus name to
>create the team dev either.
>
>Fixes: d8163e34c25c ("libteamdctl: do test method call instead or Introspect
call")
>Reported-by: Uday Patel <upatel(a)redhat.com>
>Signed-off-by: Xin Long <lucien.xin(a)gmail.com>
Applied, thanks!
But I don't see it on
https://github.com/jpirko/libteam, and
the
latest commit I saw was on Feb 22, 2021.
Can you please double-check it?
Thanks.
>
> >---
> > libteamdctl/cli_dbus.c | 7 ++++++-
> > 1 file changed, 6 insertions(+), 1 deletion(-)
> >
> >diff --git a/libteamdctl/cli_dbus.c b/libteamdctl/cli_dbus.c
> >index dfef5c4..242ef86 100644
> >--- a/libteamdctl/cli_dbus.c
> >+++ b/libteamdctl/cli_dbus.c
> >@@ -183,12 +183,17 @@ static int cli_dbus_init(struct teamdctl *tdc, const char
*team_name, void *priv
> > if (ret == -1)
> > return -errno;
> >
> >+ err = -EINVAL;
> > dbus_error_init(&error);
> >+ if (!dbus_validate_bus_name(cli_dbus->service_name, &error)) {
> >+ err(tdc, "dbus: Could not validate bus name: %s - %s",
> >+ error.name, error.message);
> >+ goto free_service_name;
> >+ }
> > cli_dbus->conn = dbus_bus_get(DBUS_BUS_SYSTEM, &error);
> > if (!cli_dbus->conn) {
> > err(tdc, "dbus: Could not acquire the system bus: %s -
%s",
> > error.name, error.message);
> >- err = -EINVAL;
> > goto free_service_name;
> > }
> > err = 0;
> >--
> >2.31.1
> >