-rw-r--r--init/builtins.c2
-rw-r--r--init/property_service.c41
2 files changed, 38 insertions, 5 deletions
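diff --git a/init/builtins.c b/init/builtins.c
index bfc0ddb15..e8c8f9165 100644
--- a/init/builtins.c
+++ b/init/builtins.c
@@ -57,7 +57,7 @@ static int write_file(const char *path, const char *value)
 {
 int fd, ret, len;
 
-fd = open(path, O_WRONLY|O_CREAT, 0622);
+fd = open(path, O_WRONLY|O_CREAT|O_NOFOLLOW, 0600);
 
 if (fd < 0)
 return -errno;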
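Review bot: `O_NOFOLLOW` in the `open()` call of write_file only rejects a symlink in the final path component; symlinked parent directories are still followed, and the new `0600` mode applies only when `O_CREAT` actually creates the file, so a pre-existing file keeps its old permissions. A comment above the call would record the intent and the limit, e.g. `/* O_NOFOLLOW: never write through a symlink planted at path; parent directories must not be writable by untrusted users */`. Callers will now get `-ELOOP` when the target is a symlink, which is worth checking if any caller passes a path that is legitimately a symlink. write_file's body continues past the end of the hunk.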
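diff --git a/init/property_service.c b/init/property_service.c
index 9afc7569a..9ac278169 100644
--- a/init/property_service.c
+++ b/init/property_service.c
@@ -276,6 +276,34 @@ static void write_persistent_property(const char *name, const char *value)
 }
 }
 
+static bool is_legal_property_name(const char* name, size_t namelen)
+{
+size_t i;
+bool previous_was_dot = false;
+if (namelen >= PROP_NAME_MAX) return false;
+if (namelen < 1) return false;
+if (name[0] == '.') return false;
+if (name[namelen - 1] == '.') return false;
+
+/* Only allow alphanumeric, plus '.', '-', or '_' */
+/* Don't allow ".." to appear in a property name */
+for (i = 0; i < namelen; i++) {
+if (name[i] == '.') {
+if (previous_was_dot == true) return false;
+previous_was_dot = true;
+continue;
+}
+previous_was_dot = false;
+if (name[i] == '_' || name[i] == '-') continue;
+if (name[i] >= 'a' && name[i] <= 'z') continue;
+if (name[i] >= 'A' && name[i] <= 'Z') continue;
+if (name[i] >= '0' && name[i] <= '9') continue;
+return false;
+}
+
+return true;
+}
+
 int property_set(const char *name, const char *value)
 {
 prop_info *pi;
@@ -284,9 +312,8 @@ int property_set(const char *name, const char *value)
 size_t namelen = strlen(name);
 size_t valuelen = strlen(value);
 
-if(namelen >= PROP_NAME_MAX) return -1;
-if(valuelen >= PROP_VALUE_MAX) return -1;
-if(namelen < 1) return -1;
+if (!is_legal_property_name(name, namelen)) return -1;
+if (valuelen >= PROP_VALUE_MAX) return -1;
 
 pi = (prop_info*) __system_property_find(name);
 
@@ -298,7 +325,7 @@ int property_set(const char *name, const char *value)
 } else {
 ret = __system_property_add(name, namelen, value, valuelen);
 if (ret < 0) {
-ERROR("Failed to set '%s'='%s'", name, value);
+ERROR("Failed to set '%s'='%s'\n", name, value);
 return ret;
 }
 }
@@ -364,6 +391,12 @@ void handle_property_set_fd()
 msg.name[PROP_NAME_MAX-1] = 0;
 msg.value[PROP_VALUE_MAX-1] = 0;
 
+if (!is_legal_property_name(msg.name, strlen(msg.name))) {
+ERROR("sys_prop: illegal property name. Got: \"%s\"\n", msg.name);
+close(s);
+return;
+}
+
 getpeercon(s, &source_ctx);
 
 if(memcmp(msg.name,"ctl.",4) == 0) {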
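Review bot: The rejection branch added to handle_property_set_fd prints `msg.name` with `%s`, and on this path the name has just failed the character whitelist, so whatever bytes the socket client sent (newlines, escape sequences) go into the init log unfiltered. Logging a fixed message, or only the length, keeps the diagnostic without echoing untrusted bytes: `ERROR("sys_prop: illegal property name (len %zu)\n", strlen(msg.name));`. is_legal_property_name would also benefit from a header comment stating that `namelen` must not exceed the length of `name`, since it reads `name[namelen - 1]`, and `previous_was_dot == true` can be written `previous_was_dot`. handle_property_set_fd starts and ends outside the hunk, so whether the check sits before the message-type dispatch cannot be seen here.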