Check the package id in the status handler

author Hwankyu Jhun <h.jhun@samsung.com>

Fri, 7 Oct 2016 06:07:12 +0000 (15:07 +0900)

committer Hwankyu Jhun <h.jhun@samsung.com>

Fri, 7 Oct 2016 06:14:32 +0000 (15:14 +0900)
author Hwankyu Jhun <h.jhun@samsung.com>
Fri, 7 Oct 2016 06:07:12 +0000 (15:07 +0900)
committer Hwankyu Jhun <h.jhun@samsung.com>
Fri, 7 Oct 2016 06:14:32 +0000 (15:14 +0900)
diff --git a/src/widget_instance.c b/src/widget_instance.c

index 43ba763d384e1da4a2106eb410c77b8b413d15ee..987abdaef82b8aaaeceb5401b8123448fd99c6ed 100644 (file)
--- a/src/widget_instance.c
+++ b/src/widget_instance.c
@@ -81,6 +81,8 @@ static aul_app_com_connection_h conn_status;
  static GHashTable *lifecycle_tbl;
  static int is_status_handler_connected;
  
+static char *package_id;
+
  struct lifecycle_local_s {
         char *widget_id;
         widget_instance_event_cb cb;
@@ -610,10 +612,40 @@ static int __check_valid_sender(char *widget_id, int pid)
         return -1;
  }
  
+static int __check_valid_sender_v2(const char *sender_pkgid)
+{
+       char pkgid[256] = {0, };
+       int ret;
+
+       if (sender_pkgid == NULL)
+               return -1;
+
+       if (package_id == NULL) {
+               ret = aul_app_get_pkgid_bypid(getpid(), pkgid, sizeof(pkgid));
+               if (ret != AUL_R_OK) {
+                       _E("Failed to get pkgid");
+                       return -1;
+               }
+
+               package_id = strdup(pkgid);
+               if (package_id == NULL) {
+                       _E("out of memory");
+                       return -1;
+               }
+       }
+
+       _D("sender_pkgid: %s, pkgid: %s", sender_pkgid, package_id);
+       if (strcmp(package_id, sender_pkgid) == 0)
+               return 0;
+
+       return -1;
+}
+
  static int __status_handler(const char *endpoint, aul_app_com_result_e e, bundle *envelope, void *user_data)
  {
-       char *widget_id;
-       char *instance_id;
+       char *widget_id = NULL;
+       char *instance_id = NULL;
+       char *sender_pkgid = NULL;
         int *status;
         size_t status_sz = 0;
         struct lifecycle_local_s *cb_info;
@@ -624,6 +656,7 @@ static int __status_handler(const char *endpoint, aul_app_com_result_e e, bundle
         bundle_get_str(envelope, AUL_K_WIDGET_INSTANCE_ID, &instance_id);
         bundle_get_byte(envelope, AUL_K_WIDGET_STATUS, (void **)&status, &status_sz);
         bundle_get_str(envelope, AUL_K_COM_SENDER_PID, &sender_pid_str);
+       bundle_get_str(envelope, AUL_K_PKGID, &sender_pkgid);
  
         if (widget_id == NULL || status == NULL) {
                 _E("undefined class or instance %s of %s", instance_id, widget_id);
@@ -635,8 +668,12 @@ static int __status_handler(const char *endpoint, aul_app_com_result_e e, bundle
  
         sender_pid = atoi(sender_pid_str);
         if (__check_valid_sender(widget_id, sender_pid) == -1) {
-               _E("invalid sender, pid %d do not have widget_id %s", sender_pid, widget_id);
-               return 0;
+               bundle_get_str(envelope, AUL_K_PKGID, &sender_pkgid);
+               if (__check_valid_sender_v2(sender_pkgid) < 0) {
+                       _E("invalid sender, pid %d do not have widget_id %s",
+                                       sender_pid, widget_id);
+                       return 0;
+               }
         }
  
         if (*status == AUL_WIDGET_LIFE_CYCLE_EVENT_APP_DEAD) {
author	Hwankyu Jhun <h.jhun@samsung.com>
	Fri, 7 Oct 2016 06:07:12 +0000 (15:07 +0900)
committer	Hwankyu Jhun <h.jhun@samsung.com>
	Fri, 7 Oct 2016 06:14:32 +0000 (15:14 +0900)