From 8280c85fac44276dab8ffe5dd0de8b21b77fd7c8 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Thu, 26 Mar 2020 14:34:05 +0100 Subject: [PATCH] libnm: ensure we have no empty secret keys in NMSettingVpn Also drop the g_warn_if_fail() from update_secret_dict(). We may get the variant from D-Bus, so avoiding this assertion (g_warn*() is an assertion!) would require us to prevalidate the variant. That would be very cumbersome, and we would probably not want to handle that as an error and silently ignore them anyway. Just shut up. --- libnm-core/nm-setting-vpn.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/libnm-core/nm-setting-vpn.c b/libnm-core/nm-setting-vpn.c index d661204f60..30d67b1ea4 100644 --- a/libnm-core/nm-setting-vpn.c +++ b/libnm-core/nm-setting-vpn.c @@ -371,6 +371,7 @@ const char * nm_setting_vpn_get_secret (NMSettingVpn *setting, const char *key) { g_return_val_if_fail (NM_IS_SETTING_VPN (setting), NULL); + g_return_val_if_fail (key && key[0], NULL); return nm_g_hash_table_lookup (NM_SETTING_VPN_GET_PRIVATE (setting)->secrets, key); } @@ -414,7 +415,7 @@ gboolean nm_setting_vpn_remove_secret (NMSettingVpn *setting, const char *key) { g_return_val_if_fail (NM_IS_SETTING_VPN (setting), FALSE); - g_return_val_if_fail (key, FALSE); + g_return_val_if_fail (key && key[0], FALSE); if (nm_g_hash_table_remove (NM_SETTING_VPN_GET_PRIVATE (setting)->secrets, key)) { _notify (setting, PROP_SECRETS); @@ -478,7 +479,7 @@ aggregate (NMSetting *setting, } } - /* Ok, we have no secrets with system-secret flags. + /* OK, we have no secrets with system-secret flags. * But do we have any secret-flags (without secrets) that indicate system secrets? */ if (priv->data) { g_hash_table_iter_init (&iter, priv->data); @@ -576,8 +577,8 @@ update_secret_string (NMSetting *setting, { NMSettingVpnPrivate *priv = NM_SETTING_VPN_GET_PRIVATE (setting); - g_return_val_if_fail (key != NULL, NM_SETTING_UPDATE_SECRET_ERROR); - g_return_val_if_fail (value != NULL, NM_SETTING_UPDATE_SECRET_ERROR); + g_return_val_if_fail (key && key[0], NM_SETTING_UPDATE_SECRET_ERROR); + g_return_val_if_fail (value, NM_SETTING_UPDATE_SECRET_ERROR); if (!value[0]) { g_set_error (error, NM_CONNECTION_ERROR, @@ -1049,8 +1050,15 @@ set_property (GObject *object, guint prop_id, GHashTable *hash = g_value_get_boxed (value); if ( hash - && g_hash_table_size (hash) > 0) + && g_hash_table_size (hash) > 0) { priv->secrets = _nm_utils_copy_strdict (hash); + + /* empty keys are not allowed. Usually, we would reject them in verify(), but then + * our nm_setting_vpn_remove_secret() also doesn't allow empty keys. So, if we failed + * it in verify(), it would be only fixable by setting PROP_DATA again. Instead, + * silently drop it. */ + g_hash_table_remove (priv->secrets, ""); + } } break; case PROP_TIMEOUT: