Reject all but BlueZ calls on /org/bluez endpoints

Author: arkq

.github/workflows/build-and-test.yaml

@@ -69,7 +69,7 @@ jobs:
   sanitize-prepare:
     runs-on: ubuntu-22.04
     steps:
-    - uses: actions/cache@v3
+    - uses: actions/cache@v4
       id: cache
       with:
         key: sanitize-env
@@ -153,7 +153,7 @@ jobs:
         make clean
         SANITIZERS=$(for x in ${{ matrix.sanitize }}; do echo -n " -fsanitize=$x"; done)
         make check CFLAGS="-g -O2 $SANITIZERS -fno-sanitize-recover=all" TESTS=
-    - uses: actions/cache/restore@v3
+    - uses: actions/cache/restore@v4
       if: ${{ matrix.sanitize == 'thread' }}
       with:
         key: sanitize-env

doc/bluealsa-cli.1.rst

@@ -89,7 +89,7 @@ info *PCM_PATH*
     The list of available A2DP codecs requires BlueZ SEP support
     (BlueZ >= 5.52)
 
-codec [--force] *PCM_PATH* [*CODEC*[:*CONFIG*]]
+codec [--force] *PCM_PATH* [*CODEC*\ [:*CONFIG*]]
     Get or set the Bluetooth codec used by the given PCM.
 
     If *CODEC* is given, change the codec to be used by the given PCM. This

src/ba-transport.c

@@ -288,14 +288,10 @@ static int transport_acquire_bt_a2dp(struct ba_transport *t) {
 			t->a2dp.state == BLUEZ_A2DP_TRANSPORT_STATE_PENDING ? "TryAcquire" : "Acquire");
 
 	if ((rep = g_dbus_connection_send_message_with_reply_sync(config.dbus, msg,
-					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, &err)) == NULL)
+					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, &err)) == NULL ||
+			g_dbus_message_to_gerror(rep, &err))
 		goto fail;
 
-	if (g_dbus_message_get_message_type(rep) == G_DBUS_MESSAGE_TYPE_ERROR) {
-		g_dbus_message_to_gerror(rep, &err);
-		goto fail;
-	}
-
 	uint16_t mtu_read, mtu_write;
 	g_variant_get(g_dbus_message_get_body(rep), "(hqq)",
 			NULL, &mtu_read, &mtu_write);
@@ -351,11 +347,8 @@ static int transport_release_bt_a2dp(struct ba_transport *t) {
 				BLUEZ_IFACE_MEDIA_TRANSPORT, "Release");
 
 		if ((rep = g_dbus_connection_send_message_with_reply_sync(config.dbus, msg,
-						G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, &err)) == NULL)
-			goto fail;
-
-		if (g_dbus_message_get_message_type(rep) == G_DBUS_MESSAGE_TYPE_ERROR) {
-			g_dbus_message_to_gerror(rep, &err);
+						G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, &err)) == NULL ||
+				g_dbus_message_to_gerror(rep, &err)) {
 			if (err->code == G_DBUS_ERROR_NO_REPLY ||
 					err->code == G_DBUS_ERROR_SERVICE_UNKNOWN ||
 					err->code == G_DBUS_ERROR_UNKNOWN_OBJECT) {

src/bluez.c

@@ -1,6 +1,6 @@
 /*
  * BlueALSA - bluez.c
- * Copyright (c) 2016-2023 Arkadiusz Bokowy
+ * Copyright (c) 2016-2024 Arkadiusz Bokowy
  *
  * This file is a part of bluez-alsa.
  *
@@ -91,20 +91,27 @@ struct bluez_adapter {
 static pthread_mutex_t bluez_mutex = PTHREAD_MUTEX_INITIALIZER;
 static GHashTable *dbus_object_data_map = NULL;
 static struct bluez_adapter bluez_adapters[HCI_MAX_DEV] = { 0 };
+static char bluez_dbus_unique_name[64] = "";
 
 static void bluez_register_a2dp_all(struct ba_adapter *);
 
 static void bluez_register_media_application_finish(GObject *source,
 		GAsyncResult *result, void *userdata) {
 	(void)userdata;
 
+	GDBusMessage *rep;
 	GError *err = NULL;
-	GDBusMessage *rep = g_dbus_connection_send_message_with_reply_finish(
-			G_DBUS_CONNECTION(source), result, &err);
-	if (rep != NULL &&
-			g_dbus_message_get_message_type(rep) == G_DBUS_MESSAGE_TYPE_ERROR)
-		g_dbus_message_to_gerror(rep, &err);
 
+	if ((rep = g_dbus_connection_send_message_with_reply_finish(
+					G_DBUS_CONNECTION(source), result, &err)) == NULL ||
+			g_dbus_message_to_gerror(rep, &err))
+		goto fail;
+
+	/* Save sender (BlueZ) unique name for calls filtering. */
+	const char *sender = g_dbus_message_get_sender(rep);
+	strncpy(bluez_dbus_unique_name, sender, sizeof(bluez_dbus_unique_name) - 1);
+
+fail:
 	if (rep != NULL)
 		g_object_unref(rep);
 	if (err != NULL) {
@@ -146,12 +153,12 @@ static void bluez_register_battery_provider_finish(GObject *source,
 		GAsyncResult *result, void *userdata) {
 	(void)userdata;
 
+	GDBusMessage *rep;
 	GError *err = NULL;
-	GDBusMessage *rep = g_dbus_connection_send_message_with_reply_finish(
-			G_DBUS_CONNECTION(source), result, &err);
-	if (rep != NULL &&
-			g_dbus_message_get_message_type(rep) == G_DBUS_MESSAGE_TYPE_ERROR) {
-		g_dbus_message_to_gerror(rep, &err);
+
+	if ((rep = g_dbus_connection_send_message_with_reply_finish(
+					G_DBUS_CONNECTION(source), result, &err)) == NULL ||
+			g_dbus_message_to_gerror(rep, &err)) {
 		if (err->code == G_DBUS_ERROR_UNKNOWN_METHOD) {
 			/* Suppress warning message in case when BlueZ has no battery provider
 			 * support enabled, because it's not a mandatory feature. */
@@ -658,12 +665,16 @@ static void bluez_export_a2dp(
 
 	static const GDBusMethodCallDispatcher dispatchers[] = {
 		{ .method = "SelectConfiguration",
+			.sender = bluez_dbus_unique_name,
 			.handler = bluez_endpoint_select_configuration },
 		{ .method = "SetConfiguration",
+			.sender = bluez_dbus_unique_name,
 			.handler = bluez_endpoint_set_configuration },
 		{ .method = "ClearConfiguration",
+			.sender = bluez_dbus_unique_name,
 			.handler = bluez_endpoint_clear_configuration },
 		{ .method = "Release",
+			.sender = bluez_dbus_unique_name,
 			.handler = bluez_endpoint_release },
 		{ 0 },
 	};
@@ -983,7 +994,7 @@ static int bluez_register_profile(
 		GError **error) {
 
 	GDBusMessage *msg = NULL, *rep = NULL;
-	int ret = 0;
+	int ret = -1;
 
 	debug("Registering hands-free profile: %s", dbus_obj->path);
 
@@ -1002,20 +1013,17 @@ static int bluez_register_profile(
 	g_variant_builder_clear(&options);
 
 	if ((rep = g_dbus_connection_send_message_with_reply_sync(config.dbus, msg,
-					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, error)) == NULL)
+					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, error)) == NULL ||
+			g_dbus_message_to_gerror(rep, error))
 		goto fail;
 
-	if (g_dbus_message_get_message_type(rep) == G_DBUS_MESSAGE_TYPE_ERROR) {
-		g_dbus_message_to_gerror(rep, error);
-		goto fail;
-	}
+	/* Save sender (BlueZ) unique name for calls filtering. */
+	const char *sender = g_dbus_message_get_sender(rep);
+	strncpy(bluez_dbus_unique_name, sender, sizeof(bluez_dbus_unique_name) - 1);
 
-	goto final;
+	ret = 0;
 
 fail:
-	ret = -1;
-
-final:
 	if (msg != NULL)
 		g_object_unref(msg);
 	if (rep != NULL)
@@ -1034,10 +1042,13 @@ static void bluez_register_hfp(
 
 	static const GDBusMethodCallDispatcher dispatchers[] = {
 		{ .method = "NewConnection",
+			.sender = bluez_dbus_unique_name,
 			.handler = bluez_profile_new_connection },
 		{ .method = "RequestDisconnection",
+			.sender = bluez_dbus_unique_name,
 			.handler = bluez_profile_request_disconnection },
 		{ .method = "Release",
+			.sender = bluez_dbus_unique_name,
 			.handler = bluez_profile_release },
 		{ 0 },
 	};
@@ -1655,14 +1666,10 @@ bool bluez_a2dp_set_configuration(
 	pthread_mutex_unlock(&bluez_mutex);
 
 	if ((rep = g_dbus_connection_send_message_with_reply_sync(config.dbus, msg,
-					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, error)) == NULL)
+					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, error)) == NULL ||
+			g_dbus_message_to_gerror(rep, error))
 		goto fail;
 
-	if (g_dbus_message_get_message_type(rep) == G_DBUS_MESSAGE_TYPE_ERROR) {
-		g_dbus_message_to_gerror(rep, error);
-		goto fail;
-	}
-
 	rv = true;
 
 fail:

src/dbus.c

@@ -1,6 +1,6 @@
 /*
  * BlueALSA - dbus.c
- * Copyright (c) 2016-2023 Arkadiusz Bokowy
+ * Copyright (c) 2016-2024 Arkadiusz Bokowy
  *
  * This file is a part of bluez-alsa.
  *
@@ -51,7 +51,8 @@ static bool g_dbus_dispatch_method_call(const GDBusMethodCallDispatcher *dispatc
 	}
 
 	/* make sure that we will not leak the invocation object */
-	g_dbus_method_invocation_return_value(invocation, NULL);
+	g_dbus_method_invocation_return_error(invocation, G_DBUS_ERROR,
+			G_DBUS_ERROR_UNKNOWN_METHOD, "Unknown method: %s.%s()", interface, method);
 	return false;
 }
 
@@ -179,14 +180,10 @@ GVariantIter *g_dbus_get_managed_objects(GDBusConnection *conn,
 			DBUS_IFACE_OBJECT_MANAGER, "GetManagedObjects");
 
 	if ((rep = g_dbus_connection_send_message_with_reply_sync(conn, msg,
-					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, error)) == NULL)
+					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, error)) == NULL ||
+			g_dbus_message_to_gerror(rep, error))
 		goto fail;
 
-	if (g_dbus_message_get_message_type(rep) == G_DBUS_MESSAGE_TYPE_ERROR) {
-		g_dbus_message_to_gerror(rep, error);
-		goto fail;
-	}
-
 	g_variant_get(g_dbus_message_get_body(rep), "(a{oa{sa{sv}}})", &objects);
 
 fail:
@@ -222,13 +219,9 @@ GVariant *g_dbus_get_property(GDBusConnection *conn, const char *service,
 	g_dbus_message_set_body(msg, g_variant_new("(ss)", interface, property));
 
 	if ((rep = g_dbus_connection_send_message_with_reply_sync(conn, msg,
-					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, error)) == NULL)
-		goto fail;
-
-	if (g_dbus_message_get_message_type(rep) == G_DBUS_MESSAGE_TYPE_ERROR) {
-		g_dbus_message_to_gerror(rep, error);
+					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, error)) == NULL ||
+			g_dbus_message_to_gerror(rep, error))
 		goto fail;
-	}
 
 	g_variant_get(g_dbus_message_get_body(rep), "(v)", &value);
 
@@ -258,18 +251,17 @@ bool g_dbus_set_property(GDBusConnection *conn, const char *service,
 		const GVariant *value, GError **error) {
 
 	GDBusMessage *msg = NULL, *rep = NULL;
+	bool rv = false;
 
 	msg = g_dbus_message_new_method_call(service, path, DBUS_IFACE_PROPERTIES, "Set");
 	g_dbus_message_set_body(msg, g_variant_new("(ssv)", interface, property, value));
 
 	if ((rep = g_dbus_connection_send_message_with_reply_sync(conn, msg,
-					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, error)) == NULL)
+					G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, error)) == NULL ||
+			g_dbus_message_to_gerror(rep, error))
 		goto fail;
 
-	if (g_dbus_message_get_message_type(rep) == G_DBUS_MESSAGE_TYPE_ERROR) {
-		g_dbus_message_to_gerror(rep, error);
-		goto fail;
-	}
+	rv = true;
 
 fail:
 
@@ -278,5 +270,5 @@ bool g_dbus_set_property(GDBusConnection *conn, const char *service,
 	if (rep != NULL)
 		g_object_unref(rep);
 
-	return error == NULL;
+	return rv;
 }