From: Nick Kralevich <nnk@google.com>
Date: Fri, 25 Jan 2013 21:07:31 +0000 (-0800)
Subject: system_properties: do more checking of file
X-Git-Tag: android-x86-4.4-r1~313^2~25^2~38^2
X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=c16961b8c3b932716b2e576c5877d39411b453cc;p=android-x86%2Fbionic.git

system_properties: do more checking of file

Check that the permissions on the properties file
are exactly as we expect them to be.

Make sure we close the fd if fstat fails.

Refactor the code slightly.

Change-Id: I5503fd58c3b8093ce7e6d05920748ed70eaf8e2c
---

diff --git a/libc/bionic/system_properties.c b/libc/bionic/system_properties.c
index a1312af11..c9cf2f75f 100644
--- a/libc/bionic/system_properties.c
+++ b/libc/bionic/system_properties.c
@@ -69,6 +69,7 @@ static int get_fd_from_env(void)
 int __system_properties_init(void)
 {
     bool fromFile = true;
+    int result = -1;
 
     if(__system_property_area__ != ((void*) &dummy_props)) {
         return 0;
@@ -96,26 +97,35 @@ int __system_properties_init(void)
 
     struct stat fd_stat;
     if (fstat(fd, &fd_stat) < 0) {
-        return -1;
+        goto cleanup;
     }
 
-    prop_area *pa = mmap(0, fd_stat.st_size, PROT_READ, MAP_SHARED, fd, 0);
-
-    if (fromFile) {
-        close(fd);
+    if ((fd_stat.st_uid != 0)
+            || (fd_stat.st_gid != 0)
+            || ((fd_stat.st_mode & (S_IWGRP | S_IWOTH)) != 0)) {
+        goto cleanup;
     }
 
+    prop_area *pa = mmap(0, fd_stat.st_size, PROT_READ, MAP_SHARED, fd, 0);
+
     if (pa == MAP_FAILED) {
-        return -1;
+        goto cleanup;
     }
 
     if((pa->magic != PROP_AREA_MAGIC) || (pa->version != PROP_AREA_VERSION)) {
         munmap(pa, fd_stat.st_size);
-        return -1;
+        goto cleanup;
     }
 
     __system_property_area__ = pa;
-    return 0;
+    result = 0;
+
+cleanup:
+    if (fromFile) {
+        close(fd);
+    }
+
+    return result;
 }
 
 const prop_info *__system_property_find_nth(unsigned n)