Added DBus filtering

2018-01-17 18:23:10 +09:00 · 2018-01-17 18:23:10 +09:00 · e52a5b5d19
commit e52a5b5d19
parent 03f1724cae
2 changed files with 178 additions and 1 deletions
--- a/ibus-HEAD.patch
+++ b/ibus-HEAD.patch
@ -0,0 +1,172 @@
 From bfe57d20e9d39d52428e95e493d9af0bd034a82f Mon Sep 17 00:00:00 2001
 From: fujiwarat <takao.fujiwara1@gmail.com>
 Date: Mon, 15 Jan 2018 14:44:07 +0900
 Subject: [PATCH] Added DBus filtering against malware
 The proposal prevents non-ower of the GDBusConnection from accessing
 DBus methods against malicious usages.
 BUG=https://github.com/ibus/ibus/issues/1955
 Review URL: https://codereview.appspot.com/335380043
 ---
 bus/inputcontext.c     | 24 +++++++++++++++++++++++-
 src/ibusengine.c       | 18 +++++++++++++++++-
 src/ibuspanelservice.c | 14 +++++++++++++-
 3 files changed, 53 insertions(+), 3 deletions(-)
 diff --git a/bus/inputcontext.c b/bus/inputcontext.c
 index d8be9e3f..4f2ecafc 100644
 --- a/bus/inputcontext.c
 +++ b/bus/inputcontext.c
@@ -2,7 +2,7 @@
 /* vim:set et sts=4: */
 /* ibus - The Input Bus
  * Copyright (C) 2008-2014 Peng Huang <shawn.p.huang@gmail.com>
 - * Copyright (C) 2015-2017 Takao Fujiwara <takao.fujiwara1@gmail.com>
 + * Copyright (C) 2015-2018 Takao Fujiwara <takao.fujiwara1@gmail.com>
  * Copyright (C) 2008-2016 Red Hat, Inc.
  *
  * This library is free software; you can redistribute it and/or
@@ -1148,6 +1148,20 @@ _ic_set_surrounding_text (BusInputContext       *context,
     g_dbus_method_invocation_return_value (invocation, NULL);
 }
 +/*
 + * Since IBusService is inherited by IBusImpl, this method cannot be
 + * applied to IBusServiceClass.method_call() directly but can be in
 + * each child class.method_call().
 + */
 +static gboolean
 +bus_input_context_service_authorized_method (IBusService     *service,
 +                                             GDBusConnection *connection)
 +{
 +    if (ibus_service_get_connection (service) == connection)
 +        return TRUE;
 +    return FALSE;
 +}
 +
 /**
  * bus_input_context_service_method_call:
  *
@@ -1197,6 +1211,10 @@ bus_input_context_service_method_call (IBusService            *service,
     };
     gint i;
 +
 +    if (!bus_input_context_service_authorized_method (service, connection))
 +        return;
 +
     for (i = 0; i < G_N_ELEMENTS (methods); i++) {
         if (g_strcmp0 (method_name, methods[i].method_name) == 0) {
             methods[i].method_callback ((BusInputContext *)service, parameters, invocation);
@@ -1270,6 +1288,9 @@ bus_input_context_service_set_property (IBusService     *service,
                                   error);
     }
 +    if (!bus_input_context_service_authorized_method (service, connection))
 +        return FALSE;
 +
     if (g_strcmp0 (property_name, "ContentType") == 0) {
         BusInputContext *context = (BusInputContext *) service;
         _ic_set_content_type (context, value);
@@ -1279,6 +1300,7 @@ bus_input_context_service_set_property (IBusService     *service,
     g_return_val_if_reached (FALSE);
 }
 +
 gboolean
 bus_input_context_has_focus (BusInputContext *context)
 {
 diff --git a/src/ibusengine.c b/src/ibusengine.c
 index b2a8022a..da648d11 100644
 --- a/src/ibusengine.c
 +++ b/src/ibusengine.c
@@ -2,7 +2,8 @@
 /* vim:set et sts=4: */
 /* ibus - The Input Bus
  * Copyright (C) 2008-2013 Peng Huang <shawn.p.huang@gmail.com>
 - * Copyright (C) 2008-2013 Red Hat, Inc.
 + * Copyright (C) 2018 Takao Fujiwara <takao.fujiwara1@gmail.com>
 + * Copyright (C) 2008-2018 Red Hat, Inc.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
@@ -851,6 +852,15 @@ ibus_engine_get_property (IBusEngine *engine,
     }
 }
 +static gboolean
 +ibus_engine_service_authorized_method (IBusService     *service,
 +                                       GDBusConnection *connection)
 +{
 +    if (ibus_service_get_connection (service) == connection)
 +        return TRUE;
 +    return FALSE;
 +}
 +
 static void
 ibus_engine_service_method_call (IBusService           *service,
                                  GDBusConnection       *connection,
@@ -876,6 +886,9 @@ ibus_engine_service_method_call (IBusService           *service,
         return;
     }
 +    if (!ibus_engine_service_authorized_method (service, connection))
 +        return;
 +
     if (g_strcmp0 (method_name, "ProcessKeyEvent") == 0) {
         guint keyval, keycode, state;
         gboolean retval = FALSE;
@@ -1085,6 +1098,9 @@ ibus_engine_service_set_property (IBusService        *service,
                                   error);
     }
 +    if (!ibus_engine_service_authorized_method (service, connection))
 +        return FALSE;
 +
     if (g_strcmp0 (property_name, "ContentType") == 0) {
         guint purpose = 0;
         guint hints = 0;
 diff --git a/src/ibuspanelservice.c b/src/ibuspanelservice.c
 index 468aa324..33949fa1 100644
 --- a/src/ibuspanelservice.c
 +++ b/src/ibuspanelservice.c
@@ -3,7 +3,7 @@
 /* ibus - The Input Bus
  * Copyright (c) 2009-2014 Google Inc. All rights reserved.
  * Copyright (C) 2010-2014 Peng Huang <shawn.p.huang@gmail.com>
 - * Copyright (C) 2017 Takao Fujiwara <takao.fujiwara1@gmail.com>
 + * Copyright (C) 2017-2018 Takao Fujiwara <takao.fujiwara1@gmail.com>
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
@@ -936,6 +936,15 @@ _g_object_unref_if_floating (gpointer instance)
         g_object_unref (instance);
 }
 +static gboolean
 +ibus_panel_service_service_authorized_method (IBusService     *service,
 +                                              GDBusConnection *connection)
 +{
 +    if (ibus_service_get_connection (service) == connection)
 +        return TRUE;
 +    return FALSE;
 +}
 +
 static void
 ibus_panel_service_service_method_call (IBusService           *service,
                                         GDBusConnection       *connection,
@@ -961,6 +970,9 @@ ibus_panel_service_service_method_call (IBusService           *service,
         return;
     }
 +    if (!ibus_panel_service_service_authorized_method (service, connection))
 +        return;
 +
     if (g_strcmp0 (method_name, "UpdatePreeditText") == 0) {
         GVariant *variant = NULL;
         guint cursor = 0;
 -- 
 2.14.3
--- a/ibus.spec
+++ b/ibus.spec
@ -36,7 +36,7 @@
 Name:           ibus
 Version:        1.5.17
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        Intelligent Input Bus for Linux OS
 License:        LGPLv2+
 Group:          System Environment/Libraries
@ -47,6 +47,7 @@ Source2:        %{name}.conf.5
 # Will remove the annotation tarball once the rpm is available on Fedora
 # Upstreamed patches.
 # Patch0:         %%{name}-HEAD.patch
 Patch0:         %{name}-HEAD.patch
 # Under testing #1349148 #1385349 #1350291 #1406699 #1432252
 Patch1:         %{name}-1385349-segv-bus-proxy.patch
 %if %with_emoji_harfbuzz
@ -246,6 +247,7 @@ The ibus-devel-docs package contains developer documentation for IBus
 %prep
 %setup -q
 # %%patch0 -p1
 %patch0 -p1
 # cp client/gtk2/ibusimcontext.c client/gtk3/ibusimcontext.c ||
 %patch1 -p1 -z .segv
 %if %with_emoji_harfbuzz
@ -475,6 +477,9 @@ gtk-query-immodules-3.0-%{__isa_bits} --update-cache &> /dev/null || :
 %{_datadir}/gtk-doc/html/*
 %changelog
 * Wed Jan 17 2018 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.17-4
 - Added DBus filtering
 * Sat Jan 06 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.5.17-3
 - Remove obsolete scriptlets