system_properties: do more checking of file

Check that the permissions on the properties file are exactly as we expect them to be. Make sure we close the fd if fstat fails. Refactor the code slightly. Change-Id: I5503fd58c3b8093ce7e6d05920748ed70eaf8e2c
2013-01-25 13:07:31 -08:00 · 2013-01-25 13:07:31 -08:00 · c16961b8c3
commit c16961b8c3
parent 82ef8296dc
1 changed files with 18 additions and 8 deletions
--- a/libc/bionic/system_properties.c
+++ b/libc/bionic/system_properties.c
@ -69,6 +69,7 @@ static int get_fd_from_env(void)
 int __system_properties_init(void)
 {
    bool fromFile = true;
+    int result = -1;

    if(__system_property_area__ != ((void*) &dummy_props)) {
        return 0;
@ -96,26 +97,35 @@ int __system_properties_init(void)

    struct stat fd_stat;
    if (fstat(fd, &fd_stat) < 0) {
-        return -1;
+        goto cleanup;
+    }
+
+    if ((fd_stat.st_uid != 0)
+            || (fd_stat.st_gid != 0)
+            || ((fd_stat.st_mode & (S_IWGRP | S_IWOTH)) != 0)) {
+        goto cleanup;
    }

    prop_area *pa = mmap(0, fd_stat.st_size, PROT_READ, MAP_SHARED, fd, 0);

-    if (fromFile) {
-        close(fd);
-    }
-
    if (pa == MAP_FAILED) {
-        return -1;
+        goto cleanup;
    }

    if((pa->magic != PROP_AREA_MAGIC) || (pa->version != PROP_AREA_VERSION)) {
        munmap(pa, fd_stat.st_size);
-        return -1;
+        goto cleanup;
    }

    __system_property_area__ = pa;
-    return 0;
+    result = 0;
+
+cleanup:
+    if (fromFile) {
+        close(fd);
+    }
+
+    return result;
 }

 const prop_info *__system_property_find_nth(unsigned n)