Assertions can be disabled, but in test code the assertions are the
whole point, so use checks that can't be disabled instead.
Because there's a lot of test code, I haven't done this globally, only
in the tests that I recently converted from "embedded" to "modular".
Signed-off-by: Simon McVittie <smcv@collabora.com>
Assertions can be disabled; but in test code the assertions are the
entire point, so we don't want to disable them. Use _dbus_test_fatal()
instead.
test-service is actually a test helper rather than a test, so use its
pre-existing die() function instead.
Signed-off-by: Simon McVittie <smcv@collabora.com>
These previously relied on embedding test-specific code in libdbus,
but they actually only need public APIs, private interfaces that get
exported anyway for the benefit of dbus-daemon, and the TAP helpers;
so we can run them even in production builds.
Signed-off-by: Simon McVittie <smcv@collabora.com>
This lets us run a subset of the tests that previously relied on extra
test-only code being compiled into libdbus.
Signed-off-by: Simon McVittie <smcv@collabora.com>
This avoids unexpected precedence when used as the body of an "if" or
"else" without being wrapped in {}.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Debian 8 'jessie' has reached EOL for mainstream security support,
which puts it outside our usual distribution/OS support policy.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Previously, we built on Debian 9 'stretch' by default, and on
Debian 10 'buster' only on request. Let's reverse that so that we get
more modern toolchains, before Debian 9 'stretch' reaches EOL.
Signed-off-by: Simon McVittie <smcv@collabora.com>
POSIX.1-2001 and POSIX.1-2008 specifies include <poll.h> so use that
rather than the non-standard/legacy include <sys/poll.h>.
This fixes the following warnings when building with musl libc:
1 | #warning redirecting incorrect #include <sys/poll.h> to <poll.h>
| ^~~~~~~
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Use getrandom(2) and fall back to /dev/urandom if it is missing or if it
fails some any reason.
This solves problem where dbus-uuidgen is called from a chroot which
lacks /dev/urandom.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
As suggested on !143. Instead of remembering to free it in every error
condition, let's move its cleanup to the "out" phase so that it's done
every time.
Change the iterator variable tmp to be const so that it's obvious we
aren't meant to free that too.
Signed-off-by: Simon McVittie <smcv@collabora.com>
If we ran out of memory while handling connect() errors, we didn't
free the linked list of struct addrinfo. Move their cleanup to the
"out" phase of the function so that we always do it.
While I'm there, change the iterator variable tmp to be const, to make
it more obvious that we aren't meant to free it.
This is similar to commit 00badeba (!143) in the corresponding Windows
code path, but with some refactoring.
Signed-off-by: Simon McVittie <smcv@collabora.com>
If there is no more memory available within the mentiond function, e.g.,
when checking memory management, the release of memory allocated by
getaddrinfo() is missing.
Coverity CID: 354880
Each connection that is an active monitor holds a pointer to its own
link in this list, via BusConnectionData.link_in_monitors. We can't
validly free the list while these pointers exist: that would be a
use-after-free, when each connection gets disconnected and tries to
remove itself from the list.
Instead, let each connection remove itself from the list, then assert
that the list has become empty.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Resolves: https://gitlab.freedesktop.org/dbus/dbus/issues/291
Instead of creating a fixed memory area on the stack that can lead to
a stack overflow if exceeded, this configuration now uses a DBusString
instance that dynamically manages memory.
Resolves: https://gitlab.freedesktop.org/dbus/dbus/issues/45
This doesn't verify that they're atomic, but does verify that they
return the right things.
This commit adds a new test function _dbus_test_check (a) to make
writing tests easier. It checks the given boolean expression and
generates a "not ok" test result if the expression is false.
Due to the current design of the test api, the test is only compiled
if embedded tests were enabled at the time of configuration.
It was also necessary to move the test_atomic target definitions in
test/Makefile.am to the --enable-embedded-tests section to avoid a
make distcheck build error.
The test case itself has been authored by smcv.
Co-authored-by: Simon McVittie <smcv@collabora.com>
This needs new atomic primitives: we don't have "set to a value",
and in fact that's a bit annoying to implement in terms of gcc
intrinsics. "Set to 0" and "set to nonzero" are easy, though.
Currently, if the "dbus" security class or the associated AV doesn't
exist, dbus-daemon fails to initialize and exits immediately. Also the
security classes or access vector cannot be reordered in the policy.
This can be a problem for people developing their own policy or trying
to access a machine where, for some reasons, there is not policy defined
at all.
The code here copy the behaviour of the selinux_check_access() function.
We cannot use this function here as it doesn't allow us to define the
AVC entry reference.
See the discussion at https://marc.info/?l=selinux&m=152163374332372&w=2
Resolves: https://gitlab.freedesktop.org/dbus/dbus/issues/198
