openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

do more checks on packages.list 

Change-Id: I16d6eab5e674c860be915fde2da7877994bed314
This commit is contained in:
Nick Kralevich 2012-02-09 11:22:33 -08:00
parent a8185a622e
commit 4ae7716072
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
run-as/package.c
View File

@ -89,6 +89,16 @@ map_file(const char* filename, size_t* filesize)
if (ret < 0)
goto EXIT;
/* Ensure that the file is owned by the system user */
if ((st.st_uid != AID_SYSTEM) || (st.st_gid != AID_SYSTEM)) {
goto EXIT;
}
/* Ensure that the file has sane permissions */
if ((st.st_mode & S_IWOTH) != 0) {
goto EXIT;
}
/* Ensure that the size is not ridiculously large */
length = (size_t)st.st_size;
if ((off_t)length != st.st_size) {