Harden logind session path decoding

neko-kai · neko-kai · commit 5b9a50a6bfbb · 2026-01-19T19:36:38.000Z
diff --git a/llm-docs/LLM-TODO.md b/llm-docs/LLM-TODO.md
@@ -39,3 +39,4 @@ The project daemon is located at `src/daemon/` (Rust).
 # Notes
 - 2026-01-18: logind session monitoring failure is non-fatal; daemon continues without native terminal switching.
 - 2026-01-18: logind session resolution now falls back to the user’s `Display` session when `GetSessionByPID` reports no session (systemd user service with lingering).
+- 2026-01-19: logind object path parsing accepts object paths, single-field structures, or strings (robust reply decoding).
diff --git a/llm-docs/implementation-notes.md b/llm-docs/implementation-notes.md
@@ -115,6 +115,7 @@ When all windows are closed (no window focused), the daemon switches to the defa
 The daemon watches `org.freedesktop.login1.Session.Active` on the system bus. When the session becomes inactive (Ctrl+Alt+F*), it applies the `on_native_terminal` rule if present, otherwise it behaves like an unfocused state. When the session becomes active again, it refreshes focus by querying the backend (GNOME GetFocus DBus, KDE script callback, Wayland/X11 active-window query).
 
 Session resolution prefers `XDG_SESSION_ID`, otherwise `GetSessionByPID`. If the PID is not in a logind session (common for systemd user services with lingering), it falls back to the user’s `Display` session via `GetUserByPID` + `org.freedesktop.login1.User.Display`.
+Logind replies are decoded via `OwnedValue` to tolerate object paths returned as a direct value, a single-field structure, or a string.
 
 If logind monitoring fails to start (no system bus, permissions, etc.), the daemon logs the error and continues without native terminal switching.
 
diff --git a/src/daemon/main.rs b/src/daemon/main.rs
@@ -41,7 +41,7 @@ use x11rb::protocol::xproto::{
 use x11rb::rust_connection::RustConnection;
 use zbus::Connection;
 use zbus::object_server::SignalEmitter;
-use zbus::zvariant::OwnedObjectPath;
+use zbus::zvariant::{OwnedObjectPath, OwnedValue, Structure, Value};
 
 // Generated COSMIC protocols
 mod cosmic_workspace {
@@ -2058,18 +2058,22 @@ async fn resolve_logind_session_path(
 
     if let Ok(session_id) = env::var("XDG_SESSION_ID") {
         println!("[Logind] Using XDG_SESSION_ID={}", session_id);
-        let path: OwnedObjectPath = manager.call("GetSession", &(session_id)).await?;
+        let path = parse_logind_object_path(
+            manager.call::<_, _, OwnedValue>("GetSession", &(session_id)).await?,
+            "GetSession",
+        )?;
         println!("[Logind] Using session path: {}", path.as_str());
         return Ok(path);
     }
     println!("[Logind] XDG_SESSION_ID not set; resolving session via logind");
 
     let pid = std::process::id();
     match manager
-        .call::<_, _, OwnedObjectPath>("GetSessionByPID", &(pid))
+        .call::<_, _, OwnedValue>("GetSessionByPID", &(pid))
         .await
     {
-        Ok(path) => {
+        Ok(value) => {
+            let path = parse_logind_object_path(value, "GetSessionByPID")?;
             println!("[Logind] Using session path: {}", path.as_str());
             Ok(path)
         }
@@ -2093,20 +2097,72 @@ fn is_logind_empty_object_path(path: &OwnedObjectPath) -> bool {
     path.as_str() == LOGIND_EMPTY_OBJECT_PATH
 }
 
+fn parse_logind_object_path(
+    value: OwnedValue,
+    context: &str,
+) -> Result<OwnedObjectPath, Box<dyn std::error::Error + Send + Sync>> {
+    let debug_value = format!("{:?}", value);
+    if let Ok(path) = OwnedObjectPath::try_from(value.try_clone()?) {
+        return Ok(path);
+    }
+    if let Ok(structure) = Structure::try_from(value.try_clone()?) {
+        if let Some(path) = parse_logind_object_path_from_structure(&structure) {
+            return Ok(path);
+        }
+    }
+    if let Ok(text) = String::try_from(value) {
+        return OwnedObjectPath::try_from(text).map_err(|error| {
+            format!(
+                "logind {} returned invalid object path string: {}",
+                context, error
+            )
+            .into()
+        });
+    }
+    Err(format!(
+        "logind {} returned unexpected value: {}",
+        context, debug_value
+    )
+    .into())
+}
+
+fn parse_logind_object_path_from_structure(structure: &Structure<'_>) -> Option<OwnedObjectPath> {
+    let fields = structure.fields();
+    if fields.len() != 1 {
+        return None;
+    }
+    logind_object_path_from_value(&fields[0])
+}
+
+fn logind_object_path_from_value(value: &Value<'_>) -> Option<OwnedObjectPath> {
+    match value {
+        Value::ObjectPath(path) => Some(OwnedObjectPath::from(path.clone())),
+        Value::Str(text) => OwnedObjectPath::try_from(text.as_str()).ok(),
+        Value::Value(inner) => logind_object_path_from_value(inner),
+        _ => None,
+    }
+}
+
 async fn resolve_logind_display_session_path(
     manager: &zbus::Proxy<'_>,
     connection: &Connection,
     pid: u32,
 ) -> Result<OwnedObjectPath, Box<dyn std::error::Error + Send + Sync>> {
-    let user_path: OwnedObjectPath = manager.call("GetUserByPID", &(pid)).await?;
+    let user_path = parse_logind_object_path(
+        manager.call::<_, _, OwnedValue>("GetUserByPID", &(pid)).await?,
+        "GetUserByPID",
+    )?;
     let user_proxy = zbus::Proxy::new(
         connection,
         LOGIND_BUS_NAME,
         user_path,
         LOGIND_USER_INTERFACE,
     )
     .await?;
-    let display: OwnedObjectPath = user_proxy.get_property("Display").await?;
+    let display = parse_logind_object_path(
+        user_proxy.get_property::<OwnedValue>("Display").await?,
+        "User.Display",
+    )?;
     if is_logind_empty_object_path(&display) {
         return Err("logind user has no display session".into());
     }
diff --git a/src/daemon/tests.rs b/src/daemon/tests.rs
@@ -1783,3 +1783,36 @@ fn test_logind_empty_object_path_detection() {
     assert!(is_logind_empty_object_path(&empty));
     assert!(!is_logind_empty_object_path(&non_empty));
 }
+
+#[test]
+fn test_parse_logind_object_path_value() {
+    use zbus::zvariant::ObjectPath;
+
+    let path = ObjectPath::try_from("/org/freedesktop/login1/session/_1").unwrap();
+    let value = OwnedValue::from(path);
+    let parsed = parse_logind_object_path(value, "test").unwrap();
+
+    assert_eq!(parsed.as_str(), "/org/freedesktop/login1/session/_1");
+}
+
+#[test]
+fn test_parse_logind_object_path_structure_single_field() {
+    use zbus::zvariant::{ObjectPath, StructureBuilder};
+
+    let path = ObjectPath::try_from("/org/freedesktop/login1/session/_1").unwrap();
+    let structure = StructureBuilder::new().add_field(path).build().unwrap();
+    let value = OwnedValue::try_from(structure).unwrap();
+    let parsed = parse_logind_object_path(value, "test").unwrap();
+
+    assert_eq!(parsed.as_str(), "/org/freedesktop/login1/session/_1");
+}
+
+#[test]
+fn test_parse_logind_object_path_string() {
+    use zbus::zvariant::Str;
+
+    let value = OwnedValue::from(Str::from("/org/freedesktop/login1/session/_1"));
+    let parsed = parse_logind_object_path(value, "test").unwrap();
+
+    assert_eq!(parsed.as_str(), "/org/freedesktop/login1/session/_1");
+}
