* commit 'b8726037ee1100e2704e90d0a54ea2313bf96b00': libc: use more secure system properties if available
This commit is contained in:
parent
d72183aa16
commit
472fdc95a6
@ -31,12 +31,15 @@
|
|||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <poll.h>
|
#include <poll.h>
|
||||||
|
#include <fcntl.h>
|
||||||
|
#include <stdbool.h>
|
||||||
|
|
||||||
#include <sys/mman.h>
|
#include <sys/mman.h>
|
||||||
|
|
||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
#include <sys/un.h>
|
#include <sys/un.h>
|
||||||
#include <sys/select.h>
|
#include <sys/select.h>
|
||||||
|
#include <sys/stat.h>
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <netinet/in.h>
|
#include <netinet/in.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
@ -52,36 +55,62 @@ static unsigned dummy_props = 0;
|
|||||||
|
|
||||||
prop_area *__system_property_area__ = (void*) &dummy_props;
|
prop_area *__system_property_area__ = (void*) &dummy_props;
|
||||||
|
|
||||||
|
static int get_fd_from_env(void)
|
||||||
|
{
|
||||||
|
char *env = getenv("ANDROID_PROPERTY_WORKSPACE");
|
||||||
|
|
||||||
|
if (!env) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
return atoi(env);
|
||||||
|
}
|
||||||
|
|
||||||
int __system_properties_init(void)
|
int __system_properties_init(void)
|
||||||
{
|
{
|
||||||
prop_area *pa;
|
bool fromFile = true;
|
||||||
int s, fd;
|
|
||||||
unsigned sz;
|
|
||||||
char *env;
|
|
||||||
|
|
||||||
if(__system_property_area__ != ((void*) &dummy_props)) {
|
if(__system_property_area__ != ((void*) &dummy_props)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
env = getenv("ANDROID_PROPERTY_WORKSPACE");
|
int fd = open(PROP_FILENAME, O_RDONLY | O_NOFOLLOW);
|
||||||
if (!env) {
|
|
||||||
|
if ((fd < 0) && (errno == ENOENT)) {
|
||||||
|
/*
|
||||||
|
* For backwards compatibility, if the file doesn't
|
||||||
|
* exist, we use the environment to get the file descriptor.
|
||||||
|
* For security reasons, we only use this backup if the kernel
|
||||||
|
* returns ENOENT. We don't want to use the backup if the kernel
|
||||||
|
* returns other errors such as ENOMEM or ENFILE, since it
|
||||||
|
* might be possible for an external program to trigger this
|
||||||
|
* condition.
|
||||||
|
*/
|
||||||
|
fd = get_fd_from_env();
|
||||||
|
fromFile = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (fd < 0) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
fd = atoi(env);
|
|
||||||
env = strchr(env, ',');
|
struct stat fd_stat;
|
||||||
if (!env) {
|
if (fstat(fd, &fd_stat) < 0) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
sz = atoi(env + 1);
|
|
||||||
|
prop_area *pa = mmap(0, fd_stat.st_size, PROT_READ, MAP_SHARED, fd, 0);
|
||||||
pa = mmap(0, sz, PROT_READ, MAP_SHARED, fd, 0);
|
|
||||||
|
if (fromFile) {
|
||||||
if(pa == MAP_FAILED) {
|
close(fd);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (pa == MAP_FAILED) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if((pa->magic != PROP_AREA_MAGIC) || (pa->version != PROP_AREA_VERSION)) {
|
if((pa->magic != PROP_AREA_MAGIC) || (pa->version != PROP_AREA_VERSION)) {
|
||||||
munmap(pa, sz);
|
munmap(pa, fd_stat.st_size);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -218,8 +247,6 @@ static int send_prop_msg(prop_msg *msg)
|
|||||||
int __system_property_set(const char *key, const char *value)
|
int __system_property_set(const char *key, const char *value)
|
||||||
{
|
{
|
||||||
int err;
|
int err;
|
||||||
int tries = 0;
|
|
||||||
int update_seen = 0;
|
|
||||||
prop_msg msg;
|
prop_msg msg;
|
||||||
|
|
||||||
if(key == 0) return -1;
|
if(key == 0) return -1;
|
||||||
|
@ -41,6 +41,7 @@ typedef struct prop_msg prop_msg;
|
|||||||
#define PROP_AREA_VERSION 0x45434f76
|
#define PROP_AREA_VERSION 0x45434f76
|
||||||
|
|
||||||
#define PROP_SERVICE_NAME "property_service"
|
#define PROP_SERVICE_NAME "property_service"
|
||||||
|
#define PROP_FILENAME "/dev/__properties__"
|
||||||
|
|
||||||
/* #define PROP_MAX_ENTRIES 247 */
|
/* #define PROP_MAX_ENTRIES 247 */
|
||||||
/* 247 -> 32620 bytes (<32768) */
|
/* 247 -> 32620 bytes (<32768) */
|
||||||
|
Loading…
Reference in New Issue
Block a user