From 8d54aa2ffd74c0ced1b180d162abd749458ace32 Mon Sep 17 00:00:00 2001 From: Ralf Habacker Date: Thu, 19 Jan 2023 16:17:43 +0100 Subject: _dbus_string_skip_blank(): Let the final assert follow the previous search This appears to have been a copy/paste mistake. If only blanks (defined as spaces or tabs) were removed, then it cannot be right to check for white space (defined as spaces, tabs, carriage return or linefeed) afterwards. If libdbus was compiled with assertions enabled, then this is a denial-of-service issue for dbus-daemon or other users of DBusServer: an unauthenticated user with access to the server's socket can send whitespace that triggers this assertion failure. We recommend that production versions of dbus, for example in OS distributions, should be compiled with checks but without assertions. [smcv: expanded commit message] Thanks: Evgeny Vereshchagin Resolves: https://gitlab.freedesktop.org/dbus/dbus/-/issues/421 --- dbus/dbus-string.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'dbus') diff --git a/dbus/dbus-string.c b/dbus/dbus-string.c index b3826fe1..29210de7 100644 --- a/dbus/dbus-string.c +++ b/dbus/dbus-string.c @@ -1880,7 +1880,7 @@ _dbus_string_skip_blank (const DBusString *str, ++i; } - _dbus_assert (i == real->len || !DBUS_IS_ASCII_WHITE (real->str[i])); + _dbus_assert (i == real->len || !DBUS_IS_ASCII_BLANK (real->str[i])); if (end) *end = i; -- cgit v1.2.1