Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

validators: allow spaces in dbus property names #329

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

FakeShell
Copy link

pretty self explanatory. dbus property names can have spaces in them (its a legal character), an example is mmsd and all its implementations (mmsd-tng and mmsd4ofono)
https://gitlab.com/kop316/mmsd/-/blob/master/doc/message-api.txt?ref_type=heads#L66

a similar patch was applied to dbus-next for my mmsd4ofono implementation
property:
https://github.com/FuriLabs/mmsd4ofono/blob/trixie/mmsd/ofono_mms_message.py#L97

dbus next patch:
FuriLabs/python-dbus-next@558fdec

@@ -10,7 +10,7 @@

_bus_name_re = re.compile(r"^[A-Za-z_-][A-Za-z0-9_-]*$")
_path_re = re.compile(r"^[A-Za-z0-9_]+$")
_element_re = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")
_element_re = re.compile(r"^[A-Za-z_][A-Za-z0-9_ ]*$")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you point out where the spec allows spaces?

It doesn't appear to based on how I'm reading it

https://dbus.freedesktop.org/doc/dbus-specification.html

Each element must only contain the ASCII characters "[A-Z][a-z][0-9]_"

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like even though the spec doesn't allow for this, real-world use cases do require it, which is kinda irritating... The crux of the issue is that we don't want to have to distribute a patched version of dbus-fast to be able to expose interfaces that are compatible with these real-world use cases -- and getting everyone to abide by the spec and do the right thing would be a big undertaking; they could just say "nah not interested in patching this, it works fine for me".

Maybe an alternative solution would be to allow to bypass/replace this validator from user code? That way people can't accidentally disobey the spec but a escape hatch would be available for those who know what they are doing.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe its OK to accept this change (assuming we also get some tests)

I asked other members to take a look in case there is a security impact I'm not thinking about

@bdraco bdraco requested review from dlech and mdegat01 November 15, 2024 13:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants