property_service: better validate property names

Don't allow unexpected characters in property names. Don't allow double dots in property names. Bug: 10733330 Change-Id: I8d69740d697efb791f2f201f90989576e13bac81
author: Nick Kralevich 2013-09-13 19:21:28 -0500
committer: Nick Kralevich 2013-09-16 11:05:29 -0500
commit: 694636142113d91c2b9585ad28e143d4ff001584 (patch)
tree: 386eb400e2df5473c5d9484bd6b1b0e0d7ed5fa2
parent: 53dc297dd685aa7498203fddb3f85e60f2cbc7df (diff)
download: platform-system-core-694636142113d91c2b9585ad28e143d4ff001584.tar.gz
platform-system-core-694636142113d91c2b9585ad28e143d4ff001584.tar.xz
platform-system-core-694636142113d91c2b9585ad28e143d4ff001584.zip
1 files changed, 37 insertions, 4 deletions
diff --git a/init/property_service.c b/init/property_service.c
index 9afc7569a..9ac278169 100644
--- a/init/property_service.c
+++ b/init/property_service.c
@@ -276,6 +276,34 @@ static void write_persistent_property(const char *name, const char *value)
    }
 }
+static bool is_legal_property_name(const char* name, size_t namelen)
+{
+    size_t i;
+    bool previous_was_dot = false;
+    if (namelen >= PROP_NAME_MAX) return false;
+    if (namelen < 1) return false;
+    if (name[0] == '.') return false;
+    if (name[namelen - 1] == '.') return false;
+    /* Only allow alphanumeric, plus '.', '-', or '_' */
+    /* Don't allow ".." to appear in a property name */
+    for (i = 0; i < namelen; i++) {
+        if (name[i] == '.') {
+            if (previous_was_dot == true) return false;
+            previous_was_dot = true;
+            continue;
+        }
+        previous_was_dot = false;
+        if (name[i] == '_' || name[i] == '-') continue;
+        if (name[i] >= 'a' && name[i] <= 'z') continue;
+        if (name[i] >= 'A' && name[i] <= 'Z') continue;
+        if (name[i] >= '0' && name[i] <= '9') continue;
+        return false;
+    }
+    return true;
+}
 int property_set(const char *name, const char *value)
 {
    prop_info *pi;
@@ -284,9 +312,8 @@ int property_set(const char *name, const char *value)
    size_t namelen = strlen(name);
    size_t valuelen = strlen(value);
-    if(namelen >= PROP_NAME_MAX) return -1;
+    if (!is_legal_property_name(name, namelen)) return -1;
-    if(valuelen >= PROP_VALUE_MAX) return -1;
+    if (valuelen >= PROP_VALUE_MAX) return -1;
-    if(namelen < 1) return -1;
    pi = (prop_info*) __system_property_find(name);
@@ -298,7 +325,7 @@ int property_set(const char *name, const char *value)
    } else {
        ret = __system_property_add(name, namelen, value, valuelen);
        if (ret < 0) {
-            ERROR("Failed to set '%s'='%s'", name, value);
+            ERROR("Failed to set '%s'='%s'\n", name, value);
            return ret;
        }
    }
@@ -364,6 +391,12 @@ void handle_property_set_fd()
        msg.name[PROP_NAME_MAX-1] = 0;
        msg.value[PROP_VALUE_MAX-1] = 0;
+        if (!is_legal_property_name(msg.name, strlen(msg.name))) {
+            ERROR("sys_prop: illegal property name. Got: \"%s\"\n", msg.name);
+            close(s);
+            return;
+        }
        getpeercon(s, &source_ctx);
        if(memcmp(msg.name,"ctl.",4) == 0) {
author	Nick Kralevich	2013-09-13 19:21:28 -0500
committer	Nick Kralevich	2013-09-16 11:05:29 -0500
commit	694636142113d91c2b9585ad28e143d4ff001584 (patch)
tree	386eb400e2df5473c5d9484bd6b1b0e0d7ed5fa2
parent	53dc297dd685aa7498203fddb3f85e60f2cbc7df (diff)
download	platform-system-core-694636142113d91c2b9585ad28e143d4ff001584.tar.gz platform-system-core-694636142113d91c2b9585ad28e143d4ff001584.tar.xz platform-system-core-694636142113d91c2b9585ad28e143d4ff001584.zip

diff --git a/init/property_service.c b/init/property_service.c index 9afc7569a..9ac278169 100644 --- a/init/property_service.c +++ b/init/property_service.c
@@ -276,6 +276,34 @@ static void write_persistent_property(const char name, const char value)
276	}	276	}
277	}	277	}
278		278
		279	static bool is_legal_property_name(const char* name, size_t namelen)
		280	{
		281	size_t i;
		282	bool previous_was_dot = false;
		283	if (namelen >= PROP_NAME_MAX) return false;
		284	if (namelen < 1) return false;
		285	if (name[0] == '.') return false;
		286	if (name[namelen - 1] == '.') return false;
		287
		288	/* Only allow alphanumeric, plus '.', '-', or '_' */
		289	/* Don't allow ".." to appear in a property name */
		290	for (i = 0; i < namelen; i++) {
		291	if (name[i] == '.') {
		292	if (previous_was_dot == true) return false;
		293	previous_was_dot = true;
		294	continue;
		295	}
		296	previous_was_dot = false;
		297	if (name[i] == '_' \|\| name[i] == '-') continue;
		298	if (name[i] >= 'a' && name[i] <= 'z') continue;
		299	if (name[i] >= 'A' && name[i] <= 'Z') continue;
		300	if (name[i] >= '0' && name[i] <= '9') continue;
		301	return false;
		302	}
		303
		304	return true;
		305	}
		306
279	int property_set(const char name, const char value)	307	int property_set(const char name, const char value)
280	{	308	{
281	prop_info *pi;	309	prop_info *pi;
@@ -284,9 +312,8 @@ int property_set(const char name, const char value)
284	size_t namelen = strlen(name);	312	size_t namelen = strlen(name);
285	size_t valuelen = strlen(value);	313	size_t valuelen = strlen(value);
286		314
287	if(namelen >= PROP_NAME_MAX) return -1;	315	if (!is_legal_property_name(name, namelen)) return -1;
288	if(valuelen >= PROP_VALUE_MAX) return -1;	316	if (valuelen >= PROP_VALUE_MAX) return -1;
289	if(namelen < 1) return -1;
290		317
291	pi = (prop_info*) __system_property_find(name);	318	pi = (prop_info*) __system_property_find(name);
292		319
@@ -298,7 +325,7 @@ int property_set(const char name, const char value)
298	} else {	325	} else {
299	ret = __system_property_add(name, namelen, value, valuelen);	326	ret = __system_property_add(name, namelen, value, valuelen);
300	if (ret < 0) {	327	if (ret < 0) {
301	ERROR("Failed to set '%s'='%s'", name, value);	328	ERROR("Failed to set '%s'='%s'\n", name, value);
302	return ret;	329	return ret;
303	}	330	}
304	}	331	}
@@ -364,6 +391,12 @@ void handle_property_set_fd()
364	msg.name[PROP_NAME_MAX-1] = 0;	391	msg.name[PROP_NAME_MAX-1] = 0;
365	msg.value[PROP_VALUE_MAX-1] = 0;	392	msg.value[PROP_VALUE_MAX-1] = 0;
366		393
		394	if (!is_legal_property_name(msg.name, strlen(msg.name))) {
		395	ERROR("sys_prop: illegal property name. Got: \"%s\"\n", msg.name);
		396	close(s);
		397	return;
		398	}
		399
367	getpeercon(s, &source_ctx);	400	getpeercon(s, &source_ctx);
368		401
369	if(memcmp(msg.name,"ctl.",4) == 0) {	402	if(memcmp(msg.name,"ctl.",4) == 0) {