From 7d65f6c5a20f67aa9a857d0f7b0bf5de4d75be9b Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Wed, 8 May 2024 14:46:08 +0000
Subject: [PATCH] gdbusconnection: Allow name owners to have the syntax of a
 well-known name

In a D-Bus-Specification-compliant message bus, the owner of a well-known
name is a unique name. However, ibus has its own small implementation
of a message bus (src/ibusbus.c) in which org.freedesktop.IBus is
special-cased to also have itself as its owner (like org.freedesktop.DBus
on a standard message bus), and connects to that bus with the
G_DBUS_CONNECTION_FLAGS_MESSAGE_BUS_CONNECTION flag. The ability to do
this regressed when CVE-2024-34397 was fixed.

Relax the checks to allow the owner of a well-known name to be any valid
D-Bus name, even if it is not syntactically a unique name.

Fixes: 683b14b9 "gdbus: Track name owners for signal subscriptions"
Resolves: https://gitlab.gnome.org/GNOME/glib/-/issues/3353
Bug-Debian: https://bugs.debian.org/1070730
Bug-Debian: https://bugs.debian.org/1070736
Bug-Debian: https://bugs.debian.org/1070743
Bug-Debian: https://bugs.debian.org/1070745
Signed-off-by: Simon McVittie <smcv@debian.org>
---
 gio/gdbusconnection.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

--- a/gio/gdbusconnection.c
+++ b/gio/gdbusconnection.c
@@ -2402,7 +2402,10 @@ name_watcher_deliver_name_owner_changed_
       /* Our caller already checked this */
       g_assert (g_strcmp0 (name_watcher->arg0, name) == 0);
 
-      if (G_LIKELY (new_owner[0] == '\0' || g_dbus_is_unique_name (new_owner)))
+      /* FIXME: This should be validating that `new_owner` is a unique name,
+       * but IBus’ implementation of a message bus is not compliant with the spec.
+       * See https://gitlab.gnome.org/GNOME/glib/-/issues/3353 */
+      if (G_LIKELY (new_owner[0] == '\0' || g_dbus_is_name (new_owner)))
         name_watcher_set_name_owner_unlocked (name_watcher, new_owner);
       else
         g_warning ("Received NameOwnerChanged signal with invalid owner \"%s\" for \"%s\"",
@@ -2454,7 +2457,10 @@ name_watcher_deliver_get_name_owner_repl
 
       g_variant_get (body, "(&s)", &new_owner);
 
-      if (G_LIKELY (g_dbus_is_unique_name (new_owner)))
+      /* FIXME: This should be validating that `new_owner` is a unique name,
+       * but IBus’ implementation of a message bus is not compliant with the spec.
+       * See https://gitlab.gnome.org/GNOME/glib/-/issues/3353 */
+      if (G_LIKELY (g_dbus_is_name (new_owner)))
         name_watcher_set_name_owner_unlocked (name_watcher, new_owner);
       else
         g_warning ("Received GetNameOwner reply with invalid owner \"%s\" for \"%s\"",