projects / platform / core / appfw / launchpad.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2c51231)
Check loader id validation 33/233533/1
authorHwankyu Jhun <h.jhun@samsung.com>
Fri, 15 May 2020 07:47:46 +0000 (16:47 +0900)
committerHwankyu Jhun <h.jhun@samsung.com>
Fri, 15 May 2020 07:47:46 +0000 (16:47 +0900)
Change-Id: I74f713afdd4ba9c367f4b4a7f9c0a9c2871e3c6c
Signed-off-by: Hwankyu Jhun <h.jhun@samsung.com>
src/parser/launchpad_parser_plugin.cc patch | blob | history

diff --git a/src/parser/launchpad_parser_plugin.cc b/src/parser/launchpad_parser_plugin.cc
index 95deccb158d4529e81e49c18b61da07a05807bc1..9abaeb2e339523e5a360bc3bd9f2245dfcb8febd 100644 (file)
--- a/src/parser/launchpad_parser_plugin.cc
+++ b/src/parser/launchpad_parser_plugin.cc
@@ -62,6 +62,13 @@ int LaunchpadParser::WriteToFile(string pkgid) {
 }
 
 bool LaunchpadParser::IsValidId(string loader_id, string pkgid) {
+  std::string needle("../");
+  std::size_t found = loader_id.find(needle);
+  if (found != std::string::npos) {
+    _E("Invalid loader_id(%s)", loader_id.c_str());
+    return false;
+  }
+
   ifstream in_file(GetFilePath(loader_id).c_str());
   if (!in_file.good())
     return true;
Domain: App Framework / Application Launcher;