
[lintian] 02/06: dbus: capture <policy> for each <allow> or <deny> rule



This is an automated email from the git hooks/post-receive script.

nthykier pushed a commit to branch master
in repository lintian.

commit b5bb0b11edb3ab2c7fc58c6e73b64cecb4d7c8aa
Author: Simon McVittie <smcv@debian.org>
Date:   Mon Jan 5 16:49:51 2015 +0000

    dbus: capture <policy> for each <allow> or <deny> rule
    
    Seeing a rule that says <allow send_interface="x.y.z"/>
    doesn't tell you whether it is
    <policy user="root"><allow send_interface="x.y.z"/> (usually an
    anti-pattern, but sometimes necessary for the "agent" pattern as seen
    in BlueZ) or <policy context="default"><allow send_interface="x.y.z"/>
    (which should ring alarm bells).
    
    To solve this, capture the enclosing <policy> for each <allow> or
    <deny> rule.
    
    This also means our output for the at_console check can indicate
    precisely which rules apply to console users.
---
 checks/dbus.pm                                     | 31 +++++++++++++++-------
 .../debian/etc/dbus-1/system.d/at-console.conf     |  2 ++
 t/tests/dbus-policy/tags                           |  9 ++++---
 3 files changed, 29 insertions(+), 13 deletions(-)

diff --git a/checks/dbus.pm b/checks/dbus.pm
index 23ea0cd..2aecae8 100644
--- a/checks/dbus.pm
+++ b/checks/dbus.pm
@@ -70,20 +70,33 @@ sub _check_policy {
     # note that we are parsing the entire file as one big string,
     # so that we catch <policy\nat_console="true"\n> or whatever.
 
-    if ($xml =~ m{<policy[^>]+at_console=(["'])true\1.*?</policy>}s) {
-        tag('dbus-policy-at-console', $file);
-    }
-
     my @rules;
-    while ($xml =~ m{(<(?:allow|deny)[^>]+send_\w+=[^>]+>)}sg) {
-        push(@rules, $1);
+    # a small rubbish state machine: we want to match a <policy> containing
+    # any <allow> or <deny> rule that is about sending
+    my $policy = '';
+    while ($xml =~ m{(<policy[^>]*>)|(</policy\s*>)|(<(?:allow|deny)[^>]*>)}sg)
+    {
+        if (defined $1) {
+            $policy = $1;
+        } elsif (defined $2) {
+            $policy = '';
+        } else {
+            push(@rules, $policy.$3);
+        }
     }
     foreach my $rule (@rules) {
-        if ($rule !~ m{send_destination=}) {
-            # normalize whitespace a bit
-            $rule =~ s{\s+}{ }g;
+        # normalize whitespace a bit so we can report it sensibly:
+        # typically it will now look like
+        # <policy context="default"><allow send_destination="com.example.Foo"/>
+        $rule =~ s{\s+}{ }g;
+
+        if ($rule =~ m{send_} && $rule !~ m{send_destination=}) {
             tag('dbus-policy-without-send-destination', $file, $rule);
         }
+
+        if ($rule =~ m{at_console=['"]true}) {
+            tag('dbus-policy-at-console', $file, $rule);
+        }
     }
 
     return;
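Review bot: The new scanner in the `while` loop still walks the raw `$xml`, so a `<policy>` or `<allow>`/`<deny>` that is commented out with `<!-- ... -->` is pushed onto `@rules` and reported as if it were live, and a commented-out `<policy at_console="true">` can become the `$policy` prefix for every real rule that follows until the next `</policy>`. The fixtures in this same commit already place `<!-- ... -->` comments next to their policies, so the false positive is reachable; unless `$xml` is comment-stripped before the hunk (the start of `_check_policy` is outside it), strip them first with `(my $body = $xml) =~ s{<!--.*?-->}{}gs;` and run the loop over `$body`. The block comment above the loop should also say that `dbus-policy-at-console` is now emitted once per rule and no longer for an at_console policy that contains no `<allow>`/`<deny>` element, since the removed lines show it used to fire once per file whenever such a policy existed. Both the opening and the closing brace of `_check_policy` are outside this hunk.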
diff --git a/t/tests/dbus-policy/debian/etc/dbus-1/system.d/at-console.conf b/t/tests/dbus-policy/debian/etc/dbus-1/system.d/at-console.conf
index 06d96c8..8c47adb 100644
--- a/t/tests/dbus-policy/debian/etc/dbus-1/system.d/at-console.conf
+++ b/t/tests/dbus-policy/debian/etc/dbus-1/system.d/at-console.conf
@@ -4,10 +4,12 @@
   <!-- this is OK, at least for now -->
   <policy group="bluetooth">
     <allow send_destination="com.example.Service"/>
+    <allow send_destination="com.example.Other"/>
   </policy>
 
   <!-- this is deprecated -->
   <policy at_console="true">
     <allow send_destination="com.example.Service"/>
+    <allow send_destination="com.example.Other"/>
   </policy>
 </busconfig>
diff --git a/t/tests/dbus-policy/tags b/t/tests/dbus-policy/tags
index 0705661..f9028e6 100644
--- a/t/tests/dbus-policy/tags
+++ b/t/tests/dbus-policy/tags
@@ -1,4 +1,5 @@
-X: dbus-policy: dbus-policy-at-console etc/dbus-1/system.d/at-console.conf
-X: dbus-policy: dbus-policy-without-send-destination etc/dbus-1/system.d/send-destination.conf <allow send_interface="org.freedesktop.DBus.ObjectManager"/>
-X: dbus-policy: dbus-policy-without-send-destination etc/dbus-1/system.d/send-destination.conf <allow send_member="AreYouReallySureThisMethodIsAlwaysOK"/>
-X: dbus-policy: dbus-policy-without-send-destination etc/dbus-1/system.d/send-destination.conf <allow send_path="/com/example/Here"/>
+X: dbus-policy: dbus-policy-at-console etc/dbus-1/system.d/at-console.conf <policy at_console="true"><allow send_destination="com.example.Other"/>
+X: dbus-policy: dbus-policy-at-console etc/dbus-1/system.d/at-console.conf <policy at_console="true"><allow send_destination="com.example.Service"/>
+X: dbus-policy: dbus-policy-without-send-destination etc/dbus-1/system.d/send-destination.conf <policy context="default"><allow send_interface="org.freedesktop.DBus.ObjectManager"/>
+X: dbus-policy: dbus-policy-without-send-destination etc/dbus-1/system.d/send-destination.conf <policy context="default"><allow send_member="AreYouReallySureThisMethodIsAlwaysOK"/>
+X: dbus-policy: dbus-policy-without-send-destination etc/dbus-1/system.d/send-destination.conf <policy context="default"><allow send_path="/com/example/Here"/>
