system_properties: do more checking of file

Check that the permissions on the properties file
are exactly as we expect them to be.

Make sure we close the fd if fstat fails.

Refactor the code slightly.

Change-Id: I5503fd58c3b8093ce7e6d05920748ed70eaf8e2c

diff --git a/libc/bionic/system_properties.c b/libc/bionic/system_properties.c
index a1312af..c9cf2f7 100644 (file)
--- a/libc/bionic/system_properties.c
+++ b/libc/bionic/system_properties.c
@@ -69,6 +69,7 @@ static int get_fd_from_env(void)
 int __system_properties_init(void)
 {
     bool fromFile = true;
+    int result = -1;
 
     if(__system_property_area__ != ((void*) &dummy_props)) {
         return 0;
@@ -96,26 +97,35 @@ int __system_properties_init(void)
 
     struct stat fd_stat;
     if (fstat(fd, &fd_stat) < 0) {
-        return -1;
+        goto cleanup;
     }
 
-    prop_area *pa = mmap(0, fd_stat.st_size, PROT_READ, MAP_SHARED, fd, 0);
-
-    if (fromFile) {
-        close(fd);
+    if ((fd_stat.st_uid != 0)
+            || (fd_stat.st_gid != 0)
+            || ((fd_stat.st_mode & (S_IWGRP | S_IWOTH)) != 0)) {
+        goto cleanup;
     }
 
+    prop_area *pa = mmap(0, fd_stat.st_size, PROT_READ, MAP_SHARED, fd, 0);
+
     if (pa == MAP_FAILED) {
-        return -1;
+        goto cleanup;
     }
 
     if((pa->magic != PROP_AREA_MAGIC) || (pa->version != PROP_AREA_VERSION)) {
         munmap(pa, fd_stat.st_size);
-        return -1;
+        goto cleanup;
     }
 
     __system_property_area__ = pa;
-    return 0;
+    result = 0;
+
+cleanup:
+    if (fromFile) {
+        close(fd);
+    }
+
+    return result;
 }
 
 const prop_info *__system_property_find_nth(unsigned n)