diff options
| author | Alban Crequy <alban.crequy@collabora.co.uk> | 2014-07-21 17:34:08 +0100 |
|---|---|---|
| committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2014-09-15 12:29:30 +0100 |
| commit | bbf11cd5f92064c7c8af61ad4d9ff41f3a039abc (patch) | |
| tree | 0af92fe58a66363f1c608d8e6f81f18a861a6970 /bus/bus.h | |
| parent | 8ad179a8dad789fc6a5402780044bc0ec3d41115 (diff) | |
| download | dbus-bbf11cd5f92064c7c8af61ad4d9ff41f3a039abc.tar.gz | |
config: add new limit: pending_fd_timeout
This is one of four commits needed to address CVE-2014-3637.
When a file descriptor is passed to dbus-daemon, the associated D-Bus message
might not be fully sent to dbus-daemon yet. Dbus-daemon keeps the file
descriptor in the DBusMessageLoader of the connection, waiting for the rest of
the message. If the client stops sending the remaining bytes, dbus-daemon will
wait forever and keep that file descriptor.
This patch adds pending_fd_timeout (milliseconds) in the configuration to
disconnect a connection after a timeout when a file descriptor was sent but not
the remaining message.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80559
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Diffstat (limited to 'bus/bus.h')
| -rw-r--r-- | bus/bus.h | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -54,6 +54,7 @@ typedef struct long max_message_unix_fds; /**< Max number of unix fds of a single message*/ int activation_timeout; /**< How long to wait for an activation to time out */ int auth_timeout; /**< How long to wait for an authentication to time out */ + int pending_fd_timeout; /**< How long to wait for a D-Bus message with a fd to time out */ int max_completed_connections; /**< Max number of authorized connections */ int max_incomplete_connections; /**< Max number of incomplete connections */ int max_connections_per_user; /**< Max number of connections auth'd as same user */ @@ -106,6 +107,7 @@ BusClientPolicy* bus_context_create_client_policy (BusContext DBusError *error); int bus_context_get_activation_timeout (BusContext *context); int bus_context_get_auth_timeout (BusContext *context); +int bus_context_get_pending_fd_timeout (BusContext *context); int bus_context_get_max_completed_connections (BusContext *context); int bus_context_get_max_incomplete_connections (BusContext *context); int bus_context_get_max_connections_per_user (BusContext *context); |