From 779713b191cab44516394bd012406ad640172125 Mon Sep 17 00:00:00 2001
From: Inkyun Kil <inkyun.kil@samsung.com>
Date: Tue, 19 Jun 2018 16:42:04 +0900
Subject: Add codes for checking caller

- When an application requests to delete or update an alarm, should be
verified that the application is correct

Change-Id: Ic947e58a88d4e37fa3ebf61ca9c9f5d4e320f055
Signed-off-by: Inkyun Kil <inkyun.kil@samsung.com>
---
 alarm-manager.c | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)

diff --git a/alarm-manager.c b/alarm-manager.c
index b44cb6c..4d3224f 100644
--- a/alarm-manager.c
+++ b/alarm-manager.c
@@ -2778,6 +2778,52 @@ cynara_out:
 	return ret;
 }
 
+static int __check_modifiable(uid_t uid, pid_t pid, int alarm_id)
+{
+	bool caller_is_app = false;
+	char app_name[MAX_APP_ID] = { 0 };
+	GSList *gs_iter = NULL;
+	__alarm_info_t *entry = NULL;
+	char *caller_pkgid = NULL;
+	pkgmgrinfo_pkginfo_h caller_handle;
+
+	if (__get_cached_unique_name(pid, app_name, sizeof(app_name),
+				&caller_is_app, uid) == false)
+		return ERR_ALARM_SYSTEM_FAIL;
+
+	if (!caller_is_app) {
+		ALARM_MGR_LOG_PRINT("Daemon process is possible to modify alarms[%s]",
+				app_name);
+		return ALARMMGR_RESULT_SUCCESS;
+	} else {
+		if (pkgmgrinfo_appinfo_get_usr_appinfo(app_name, uid, &caller_handle) != PMINFO_R_OK) {
+			ALARM_MGR_EXCEPTION_PRINT("Failed to get appinfo %s", app_name);
+			return ERR_ALARM_SYSTEM_FAIL;
+		} else {
+			if (pkgmgrinfo_appinfo_get_pkgid(caller_handle, &caller_pkgid) != PMINFO_R_OK) {
+				ALARM_MGR_EXCEPTION_PRINT("Failed to get pkgid %s", app_name);
+				pkgmgrinfo_appinfo_destroy_appinfo(caller_handle);
+				return ERR_ALARM_SYSTEM_FAIL;
+			}
+		}
+	}
+
+	for (gs_iter = alarm_context.alarms; gs_iter != NULL; gs_iter = g_slist_next(gs_iter)) {
+		entry = gs_iter->data;
+		if (entry->uid == uid && entry->alarm_id == alarm_id &&
+				strcmp(caller_pkgid, entry->caller_pkgid) == 0) {
+			ALARM_MGR_LOG_PRINT("Found alarm of app (uid:%d, pid:%d, caller_pkgid:%s) ", uid, pid, caller_pkgid);
+			pkgmgrinfo_appinfo_destroy_appinfo(caller_handle);
+			return ALARMMGR_RESULT_SUCCESS;
+		}
+	}
+
+	ALARM_MGR_EXCEPTION_PRINT("[%s] is not permitted to modify alarm_id[%d]", app_name, alarm_id);
+	pkgmgrinfo_appinfo_destroy_appinfo(caller_handle);
+
+	return ERR_ALARM_NOT_PERMITTED_APP;
+}
+
 gboolean alarm_manager_alarm_set_rtc_time(AlarmManager *pObj, GDBusMethodInvocation *invoc,
 				int year, int mon, int day,
 				int hour, int min, int sec,
@@ -3419,6 +3465,11 @@ gboolean alarm_manager_alarm_delete(AlarmManager *obj, GDBusMethodInvocation *in
 		return true;
 	}
 
+	return_code = __check_modifiable(uid, pid, alarm_id);
+	if (return_code != ALARMMGR_RESULT_SUCCESS) {
+		g_dbus_method_invocation_return_value(invoc, g_variant_new("(i)", return_code));
+		return true;
+	}
 
 	if (!__alarm_delete(uid, alarm_id, &return_code)) {
 		ALARM_MGR_EXCEPTION_PRINT("Unable to delete the alarm! alarm_id[%d], return_code[%d]", alarm_id, return_code);
@@ -3550,6 +3601,12 @@ gboolean alarm_manager_alarm_update(AlarmManager *pObj, GDBusMethodInvocation *i
 		return true;
 	}
 
+	return_code = __check_modifiable(uid, pid, alarm_id);
+	if (return_code != ALARMMGR_RESULT_SUCCESS) {
+		g_dbus_method_invocation_return_value(invoc, g_variant_new("(i)", return_code));
+		return true;
+	}
+
 	alarm_info.start.year = start_year;
 	alarm_info.start.month = start_month;
 	alarm_info.start.day = start_day;
-- 
cgit v1.2.3