dbusServices/notifications: Disallow acting on "foreign" IDs

The Notify() and CloseNotification() methods act on a notification, identified by the passed ID. Just like it makes sense to only emit notification signals to the original sender, those methods should be restricted to the notification owner. https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/5008 Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2153>
2022-02-03 02:34:37 +01:00 · 2022-02-03 02:34:37 +01:00 · 35466b0e0a
commit 35466b0e0a
parent 0cbab09044
1 changed files with 24 additions and 0 deletions
--- a/js/dbusServices/notifications/notificationDaemon.js
+++ b/js/dbusServices/notifications/notificationDaemon.js
@ -66,6 +66,22 @@ var NotificationDaemon = class extends ServiceImplementation {
        });
    }

+    _checkNotificationId(invocation, id) {
+        if (id === 0)
+            return true;
+
+        if (!this._activeNotifications.has(id))
+            return true;
+
+        if (this._activeNotifications.get(id) === invocation.get_sender())
+            return true;
+
+        const error = new GLib.Error(Gio.DBusError,
+            Gio.DBusError.INVALID_ARGS, 'Invalid notification ID');
+        this._handleError(invocation, error);
+        return false;
+    }
+
    register() {
        Gio.DBus.session.own_name(
            'org.freedesktop.Notifications',
@ -76,8 +92,12 @@ var NotificationDaemon = class extends ServiceImplementation {
    async NotifyAsync(params, invocation) {
        const sender = invocation.get_sender();
        const pid = await this._getSenderPid(sender);
+        const replaceId = params[1];
        const hints = params[6];

+        if (!this._checkNotificationId(invocation, replaceId))
+            return;
+
        params[6] = {
            ...hints,
            'sender-pid': new GLib.Variant('u', pid),
@ -94,6 +114,10 @@ var NotificationDaemon = class extends ServiceImplementation {
    }

    CloseNotificationAsync(params, invocation) {
+        const [id] = params;
+        if (!this._checkNotificationId(invocation, id))
+            return;
+
        this._proxy.CloseNotificationRemote(...params, (res, error) => {
            if (this._handleError(invocation, error))
                return;