From 5ceb52962e76b600396e356e31ec93edf8046475 Mon Sep 17 00:00:00 2001 From: Calvin Lee Date: Thu, 13 Jul 2017 20:24:33 -0700 Subject: [PATCH] Fix name validation in sni_watcher.c This commit also fixes a memory leak that occurs on failure. --- swaybar/tray/sni_watcher.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/swaybar/tray/sni_watcher.c b/swaybar/tray/sni_watcher.c index 388e181d..86453e70 100644 --- a/swaybar/tray/sni_watcher.c +++ b/swaybar/tray/sni_watcher.c @@ -150,10 +150,14 @@ static void register_item(DBusConnection *connection, DBusMessage *message) { sway_log(L_ERROR, "Error parsing method args: %s\n", error.message); } - name = strdup(name); sway_log(L_INFO, "RegisterStatusNotifierItem called with \"%s\"\n", name); // Don't add duplicate or not real item + if (!dbus_validate_bus_name(name, NULL)) { + sway_log(L_INFO, "This item is not valid, we cannot keep track of it."); + return; + } + if (list_seq_find(items, (int (*)(const void *, const void *))strcmp, name) != -1) { return; } @@ -161,7 +165,7 @@ static void register_item(DBusConnection *connection, DBusMessage *message) { return; } - list_add(items, name); + list_add(items, strdup(name)); item_registered_signal(connection, name); // It's silly, but xembedsniproxy wants a reply for this function @@ -184,6 +188,12 @@ static void register_host(DBusConnection *connection, DBusMessage *message) { sway_log(L_INFO, "RegisterStatusNotifierHost called with \"%s\"\n", name); // Don't add duplicate or not real host + if (!dbus_validate_bus_name(name, NULL)) { + sway_log(L_INFO, "This item is not valid, we cannot keep track of it."); + return; + } + + if (list_seq_find(hosts, (int (*)(const void *, const void *))strcmp, name) != -1) { return; }