view libpurple/protocols/bonjour/mdns_win32.c @ 20852:6cc03752fe59

Fix CID 337, null pointer deref. Also plug a leak.
author Daniel Atallah <daniel.atallah@gmail.com>
date Tue, 09 Oct 2007 23:01:11 +0000
parents 53691c081eab
children 8b74b226e023
line wrap: on
line source

/*
 *
 * Purple is the legal property of its developers, whose names are too numerous
 * to list here.  Please refer to the COPYRIGHT file distributed with this
 * source distribution.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Library General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301, USA.
 */

#include "internal.h"
#include "debug.h"

#include "buddy.h"
#include "mdns_interface.h"
#include "dns_sd_proxy.h"
#include "dnsquery.h"
#include "mdns_common.h"


/* data structure for the resolve callback */
typedef struct _ResolveCallbackArgs {
	DNSServiceRef resolver;
	guint resolver_handler;
	gchar *full_service_name;

	PurpleDnsQueryData *query;

	BonjourBuddy* buddy;
} ResolveCallbackArgs;

/* data used by win32 bonjour implementation */
typedef struct _win32_session_impl_data {
	DNSServiceRef presence_svc;
	DNSServiceRef browser_svc;
	DNSRecordRef buddy_icon_rec;

	guint presence_handler;
	guint browser_handler;
} Win32SessionImplData;

typedef struct _win32_buddy_impl_data {
	DNSServiceRef txt_query;
	guint txt_query_handler;
	DNSServiceRef null_query;
	guint null_query_handler;
} Win32BuddyImplData;

static void
_mdns_handle_event(gpointer data, gint source, PurpleInputCondition condition) {
	DNSServiceProcessResult((DNSServiceRef) data);
}

static void
_mdns_parse_text_record(BonjourBuddy* buddy, const char* record, uint16_t record_len)
{
	const char *txt_entry;
	uint8_t txt_len;
	int i;

	clear_bonjour_buddy_values(buddy);
	for (i = 0; buddy_TXT_records[i] != NULL; i++) {
		txt_entry = TXTRecordGetValuePtr(record_len, record, buddy_TXT_records[i], &txt_len);
		if (txt_entry != NULL)
			set_bonjour_buddy_value(buddy, buddy_TXT_records[i], txt_entry, txt_len);
	}
}

static void DNSSD_API
_mdns_record_query_callback(DNSServiceRef DNSServiceRef, DNSServiceFlags flags,
	uint32_t interfaceIndex, DNSServiceErrorType errorCode, const char *fullname,
	uint16_t rrtype, uint16_t rrclass, uint16_t rdlen, const void *rdata,
	uint32_t ttl, void *context)
{

	if (kDNSServiceErr_NoError != errorCode) {
		purple_debug_error("bonjour", "record query - callback error.\n");
		/* TODO: Probably should remove the buddy when this happens */
	} else if (flags & kDNSServiceFlagsAdd) {
		if (rrtype == kDNSServiceType_TXT) {
			/* New Buddy */
			BonjourBuddy *bb = (BonjourBuddy*) context;
			_mdns_parse_text_record(bb, rdata, rdlen);
			bonjour_buddy_add_to_purple(bb, NULL);
		} else if (rrtype == kDNSServiceType_NULL) {
			/* Buddy Icon response */
			BonjourBuddy *bb = (BonjourBuddy*) context;
			Win32BuddyImplData *idata = bb->mdns_impl_data;

			g_return_if_fail(idata != NULL);

			bonjour_buddy_got_buddy_icon(bb, rdata, rdlen);

			/* We've got what we need; stop listening */
			purple_input_remove(idata->null_query_handler);
			idata->null_query_handler = 0;
			DNSServiceRefDeallocate(idata->null_query);
			idata->null_query = NULL;
		}
	}
}

static void
_mdns_resolve_host_callback(GSList *hosts, gpointer data, const char *error_message)
{
	ResolveCallbackArgs* args = (ResolveCallbackArgs*)data;
	BonjourBuddy* bb = args->buddy;

	if (!hosts || !hosts->data) {
		purple_debug_error("bonjour", "host resolution - callback error.\n");
		bonjour_buddy_delete(bb);
	} else {
		struct sockaddr_in *addr = (struct sockaddr_in*)g_slist_nth_data(hosts, 1);
		Win32BuddyImplData *idata = bb->mdns_impl_data;

		g_return_if_fail(idata != NULL);

		g_free(bb->ip);
		bb->ip = g_strdup(inet_ntoa(addr->sin_addr));

		/* finally, set up the continuous txt record watcher, and add the buddy to purple */

		if (kDNSServiceErr_NoError == DNSServiceQueryRecord(&idata->txt_query, kDNSServiceFlagsLongLivedQuery,
				kDNSServiceInterfaceIndexAny, args->full_service_name, kDNSServiceType_TXT,
				kDNSServiceClass_IN, _mdns_record_query_callback, bb)) {

			purple_debug_info("bonjour", "Found buddy %s at %s:%d\n", bb->name, bb->ip, bb->port_p2pj);

			idata->txt_query_handler = purple_input_add(DNSServiceRefSockFD(idata->txt_query),
				PURPLE_INPUT_READ, _mdns_handle_event, idata->txt_query);

			bonjour_buddy_add_to_purple(bb, NULL);
		} else
			bonjour_buddy_delete(bb);

	}

	/* free the hosts list*/
	g_slist_free(hosts);

	/* free the remaining args memory */
	purple_dnsquery_destroy(args->query);
	g_free(args->full_service_name);
	g_free(args);
}

static void DNSSD_API
_mdns_service_resolve_callback(DNSServiceRef sdRef, DNSServiceFlags flags, uint32_t interfaceIndex, DNSServiceErrorType errorCode,
    const char *fullname, const char *hosttarget, uint16_t port, uint16_t txtLen, const char *txtRecord, void *context)
{
	ResolveCallbackArgs *args = (ResolveCallbackArgs*)context;

	/* remove the input fd and destroy the service ref */
	purple_input_remove(args->resolver_handler);
	DNSServiceRefDeallocate(args->resolver);

	if (kDNSServiceErr_NoError != errorCode)
	{
		purple_debug_error("bonjour", "service resolver - callback error.\n");
		bonjour_buddy_delete(args->buddy);
		g_free(args);
	}
	else
	{
		args->buddy->port_p2pj = ntohs(port);

		/* parse the text record */
		_mdns_parse_text_record(args->buddy, txtRecord, txtLen);

		/* set more arguments, and start the host resolver */
		args->full_service_name = g_strdup(fullname);

		if (!(args->query =
			purple_dnsquery_a(hosttarget, port, _mdns_resolve_host_callback, args)))
		{
			purple_debug_error("bonjour", "service resolver - host resolution failed.\n");
			bonjour_buddy_delete(args->buddy);
			g_free(args->full_service_name);
			g_free(args);
		}
	}

}

static void DNSSD_API
_mdns_service_register_callback(DNSServiceRef sdRef, DNSServiceFlags flags, DNSServiceErrorType errorCode,
				const char *name, const char *regtype, const char *domain, void *context) {

	/* TODO: deal with collision */
	if (kDNSServiceErr_NoError != errorCode)
		purple_debug_error("bonjour", "service advertisement - callback error (%d).\n", errorCode);
	else
		purple_debug_info("bonjour", "service advertisement - callback.\n");
}

static void DNSSD_API
_mdns_service_browse_callback(DNSServiceRef sdRef, DNSServiceFlags flags, uint32_t interfaceIndex,
    DNSServiceErrorType errorCode, const char *serviceName, const char *regtype, const char *replyDomain, void *context)
{
	PurpleAccount *account = (PurpleAccount*)context;
	PurpleBuddy *pb = NULL;

	if (kDNSServiceErr_NoError != errorCode)
		purple_debug_error("bonjour", "service browser - callback error\n");
	else if (flags & kDNSServiceFlagsAdd) {
		/* A presence service instance has been discovered... check it isn't us! */
		if (purple_utf8_strcasecmp(serviceName, account->username) != 0) {
			/* OK, lets go ahead and resolve it to add to the buddy list */
			ResolveCallbackArgs *args = g_new0(ResolveCallbackArgs, 1);
			args->buddy = bonjour_buddy_new(serviceName, account);

			if (kDNSServiceErr_NoError != DNSServiceResolve(&args->resolver, 0, 0, serviceName, regtype,
					replyDomain, _mdns_service_resolve_callback, args)) {
				bonjour_buddy_delete(args->buddy);
				g_free(args);
				purple_debug_error("bonjour", "service browser - failed to resolve service.\n");
			} else {
				/* get a file descriptor for this service ref, and add it to the input list */
				gint fd = DNSServiceRefSockFD(args->resolver);
				args->resolver_handler = purple_input_add(fd, PURPLE_INPUT_READ, _mdns_handle_event, args->resolver);
			}
		}
	} else {
		/* A peer has sent a goodbye packet, remove them from the buddy list */
		purple_debug_info("bonjour", "service browser - remove notification\n");
		pb = purple_find_buddy(account, serviceName);
		if (pb != NULL)
			purple_blist_remove_buddy(pb);
	}
}

/****************************
 * mdns_interface functions *
 ****************************/

gboolean _mdns_init_session(BonjourDnsSd *data) {
	data->mdns_impl_data = g_new0(Win32SessionImplData, 1);
	return TRUE;
}

gboolean _mdns_publish(BonjourDnsSd *data, PublishType type, GSList *records) {
	TXTRecordRef dns_data;
	gboolean ret = TRUE;
	DNSServiceErrorType set_ret = kDNSServiceErr_NoError;
	Win32SessionImplData *idata = data->mdns_impl_data;

	g_return_val_if_fail(idata != NULL, FALSE);

	TXTRecordCreate(&dns_data, 256, NULL);

	while (records) {
		PurpleKeyValuePair *kvp = records->data;
		set_ret = TXTRecordSetValue(&dns_data, kvp->key, strlen(kvp->value), kvp->value);
		if (set_ret != kDNSServiceErr_NoError)
			break;
		records = records->next;
	}

	if (set_ret != kDNSServiceErr_NoError) {
		purple_debug_error("bonjour", "Unable to allocate memory for text record.\n");
		ret = FALSE;
	} else {
		DNSServiceErrorType err = kDNSServiceErr_NoError;

		/* OK, we're done constructing the text record, (re)publish the service */

		switch (type) {
			case PUBLISH_START:
				purple_debug_info("bonjour", "Registering presence on port %d\n", data->port_p2pj);
				err = DNSServiceRegister(&idata->presence_svc, 0, 0, purple_account_get_username(data->account), ICHAT_SERVICE,
					NULL, NULL, htons(data->port_p2pj), TXTRecordGetLength(&dns_data), TXTRecordGetBytesPtr(&dns_data),
					_mdns_service_register_callback, NULL);
				break;

			case PUBLISH_UPDATE:
				purple_debug_info("bonjour", "Updating presence.\n");
				err = DNSServiceUpdateRecord(idata->presence_svc, NULL, 0, TXTRecordGetLength(&dns_data), TXTRecordGetBytesPtr(&dns_data), 0);
				break;
		}

		if (err != kDNSServiceErr_NoError) {
			purple_debug_error("bonjour", "Failed to publish presence service.\n");
			ret = FALSE;
		} else if (type == PUBLISH_START) {
			/* We need to do this because according to the Apple docs:
			 * "the client is responsible for ensuring that DNSServiceProcessResult() is called
			 * whenever there is a reply from the daemon - the daemon may terminate its connection
			 * with a client that does not process the daemon's responses */
			idata->presence_handler = purple_input_add(DNSServiceRefSockFD(idata->presence_svc),
				PURPLE_INPUT_READ, _mdns_handle_event, idata->presence_svc);
		}
	}

	/* Free the memory used by temp data */
	TXTRecordDeallocate(&dns_data);
	return ret;
}

gboolean _mdns_browse(BonjourDnsSd *data) {
	Win32SessionImplData *idata = data->mdns_impl_data;

	g_return_val_if_fail(idata != NULL, FALSE);

	if (DNSServiceBrowse(&idata->browser_svc, 0, 0, ICHAT_SERVICE, NULL,
				 _mdns_service_browse_callback, data->account)
			== kDNSServiceErr_NoError) {
		idata->browser_handler = purple_input_add(DNSServiceRefSockFD(idata->browser_svc),
			PURPLE_INPUT_READ, _mdns_handle_event, idata->browser_svc);
		return TRUE;
	}

	return FALSE;
}

void _mdns_stop(BonjourDnsSd *data) {
	Win32SessionImplData *idata = data->mdns_impl_data;

	if (idata == NULL)
		return;

	if (idata->presence_svc != NULL) {
		purple_input_remove(idata->presence_handler);
		DNSServiceRefDeallocate(idata->presence_svc);
	}

	if (idata->browser_svc != NULL) {
		purple_input_remove(idata->browser_handler);
		DNSServiceRefDeallocate(idata->browser_svc);
	}

	g_free(idata);

	data->mdns_impl_data = NULL;
}

gboolean _mdns_set_buddy_icon_data(BonjourDnsSd *data, gconstpointer avatar_data, gsize avatar_len) {
	Win32SessionImplData *idata = data->mdns_impl_data;
	DNSServiceErrorType err = kDNSServiceErr_NoError;

	g_return_val_if_fail(idata != NULL, FALSE);

	if (avatar_data != NULL && idata->buddy_icon_rec == NULL) {
		purple_debug_info("bonjour", "Setting new buddy icon.\n");
		err = DNSServiceAddRecord(idata->presence_svc, &idata->buddy_icon_rec,
			0, kDNSServiceType_NULL, avatar_len, avatar_data, 0);
	} else if (avatar_data != NULL) {
		purple_debug_info("bonjour", "Updating existing buddy icon.\n");
		err = DNSServiceUpdateRecord(idata->presence_svc, idata->buddy_icon_rec,
			0, avatar_len, avatar_data, 0);
	} else if (idata->buddy_icon_rec != NULL) {
		purple_debug_info("bonjour", "Removing existing buddy icon.\n");
		DNSServiceRemoveRecord(idata->presence_svc, idata->buddy_icon_rec, 0);
		idata->buddy_icon_rec = NULL;
	}

	if (err != kDNSServiceErr_NoError)
		purple_debug_error("bonjour", "Error (%d) setting buddy icon record.\n", err);

	return (err == kDNSServiceErr_NoError);
}

void _mdns_init_buddy(BonjourBuddy *buddy) {
	buddy->mdns_impl_data = g_new0(Win32BuddyImplData, 1);
}

void _mdns_delete_buddy(BonjourBuddy *buddy) {
	Win32BuddyImplData *idata = buddy->mdns_impl_data;

	g_return_if_fail(idata != NULL);

	if (idata->txt_query != NULL) {
		purple_input_remove(idata->txt_query_handler);
		DNSServiceRefDeallocate(idata->txt_query);
	}

	if (idata->null_query != NULL) {
		purple_input_remove(idata->null_query_handler);
		DNSServiceRefDeallocate(idata->null_query);
	}

	g_free(idata);

	buddy->mdns_impl_data = NULL;
}

void _mdns_retrieve_buddy_icon(BonjourBuddy* buddy) {
	Win32BuddyImplData *idata = buddy->mdns_impl_data;
	char svc_name[kDNSServiceMaxDomainName];

	g_return_if_fail(idata != NULL);

	/* Cancel any existing query */
	if (idata->null_query != NULL) {
		purple_input_remove(idata->null_query_handler);
		idata->null_query_handler = 0;
		DNSServiceRefDeallocate(idata->null_query);
		idata->null_query = NULL;
	}

	DNSServiceConstructFullName(svc_name, buddy->name, ICHAT_SERVICE, "local");
	if (kDNSServiceErr_NoError == DNSServiceQueryRecord(&idata->null_query, 0, kDNSServiceInterfaceIndexAny, svc_name,
			kDNSServiceType_NULL, kDNSServiceClass_IN, _mdns_record_query_callback, buddy)) {
		idata->null_query_handler = purple_input_add(DNSServiceRefSockFD(idata->null_query),
			PURPLE_INPUT_READ, _mdns_handle_event, idata->null_query);
	}

}