diff options
| author | Sangyoon Jang <jeremy.jang@samsung.com> | 2022-02-21 12:31:58 +0900 |
|---|---|---|
| committer | Sangyoon Jang <jeremy.jang@samsung.com> | 2022-02-22 18:22:22 +0900 |
| commit | b4db3ea8c0015cf0a5f218a247bf18935b4ef029 (patch) | |
| tree | b0a292959183a31ca7a0205234ee7561eacb2eda | |
| parent | dc5bc888ce64f900cbb6ed7c56f65754993efc11 (diff) | |
| download | alarm-manager-b4db3ea8c0015cf0a5f218a247bf18935b4ef029.tar.gz alarm-manager-b4db3ea8c0015cf0a5f218a247bf18935b4ef029.tar.bz2 alarm-manager-b4db3ea8c0015cf0a5f218a247bf18935b4ef029.zip | |
Fix static analysis issue
Fix TOCTOU problem.
Change-Id: Ie32e21de8e70753484f03e22f27315d581efc1c8
Signed-off-by: Sangyoon Jang <jeremy.jang@samsung.com>
| -rw-r--r-- | server/alarm-manager.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/server/alarm-manager.c b/server/alarm-manager.c index ff24983..9b62aba 100644 --- a/server/alarm-manager.c +++ b/server/alarm-manager.c @@ -49,7 +49,8 @@ #include "alarm-manager-dbus.h" /* link path for timezone info */ -#define TIMEZONE_INFO_LINK_PATH tzplatform_mkpath(TZ_SYS_ETC, "localtime") +#define TIMEZONE_INFO_LINK_DIR_PATH tzplatform_getenv(TZ_SYS_ETC) +#define TIMEZONE_INFO_LINK_FILE_NAME "localtime" #ifndef RTC_WKALM_BOOT_SET #define RTC_WKALM_BOOT_SET _IOW('p', 0x80, struct rtc_wkalrm) @@ -2215,6 +2216,7 @@ int alarm_manager_alarm_set_timezone(GVariant* parameters) char log_message[ALARMMGR_LOG_MESSAGE_SIZE] = {0,}; char *tzpath_str; time_t cur_time; + int dirfd = -1; g_variant_get(parameters, "(&s)", &tzpath_str); @@ -2226,10 +2228,18 @@ int alarm_manager_alarm_set_timezone(GVariant* parameters) goto done; } - retval = lstat(TIMEZONE_INFO_LINK_PATH, &statbuf); + dirfd = open(TIMEZONE_INFO_LINK_DIR_PATH, O_DIRECTORY); + if (dirfd < 0) { + LOGE("open(%s) failed: %d", TIMEZONE_INFO_LINK_DIR_PATH, errno); + return_code = ERR_ALARM_SYSTEM_FAIL; + goto done; + } + + retval = fstatat(dirfd, TIMEZONE_INFO_LINK_FILE_NAME, &statbuf, + AT_SYMLINK_NOFOLLOW); if (retval == 0 || (retval == -1 && errno != ENOENT)) { /* unlink the current link */ - if (unlink(TIMEZONE_INFO_LINK_PATH) < 0) { + if (unlinkat(dirfd, TIMEZONE_INFO_LINK_FILE_NAME, 0) < 0) { LOGE("unlink() is failed."); return_code = ERR_ALARM_SYSTEM_FAIL; goto done; @@ -2237,7 +2247,7 @@ int alarm_manager_alarm_set_timezone(GVariant* parameters) } /* create a new symlink when the /opt/etc/localtime is empty. */ - if (symlink(tzpath_str, TIMEZONE_INFO_LINK_PATH) < 0) { + if (symlinkat(tzpath_str, dirfd, TIMEZONE_INFO_LINK_FILE_NAME) < 0) { LOGE("Failed to create an symlink of %s.", tzpath_str); return_code = ERR_ALARM_SYSTEM_FAIL; goto done; @@ -2270,6 +2280,9 @@ int alarm_manager_alarm_set_timezone(GVariant* parameters) bundle_free(b); done: + if (dirfd >= 0) + close(dirfd); + if (return_code == ALARMMGR_RESULT_SUCCESS) strncpy(log_tag, "SET TIMEZONE", sizeof(log_tag) - 1); else |