Check if appcontrol is valid on the receiver side

Change-Id: Ie13ef3c4bdb2b3929d4b0abafc2b6e5bb5ae047c
Signed-off-by: Inkyun Kil <inkyun.kil@samsung.com>

diff --git a/src/common/appcontrol_manager.cc b/src/common/appcontrol_manager.cc
index 8eadf8911198bfcaa780df1882f9c71136f4459c..ee19325303e3e95fc603623fdd282c1e16c7e97e 100644 (file)
--- a/src/common/appcontrol_manager.cc
+++ b/src/common/appcontrol_manager.cc
@@ -92,6 +92,48 @@ bool AppControlManager::CheckRemoteAppControl(const std::string& device_id,
   return false;
 }
 
+bool AppControlManager::CheckAppControl(const std::string& device_id,
+    CapabilityManager* cm, const unsigned char* appcontrol, size_t len) {
+  bool found = false;
+  std::vector<RemoteDevice> dev_list = DBManager::SelectDevices();
+  for (auto& dev : dev_list) {
+    if (device_id == dev.device_id())
+      found = true;
+  }
+
+  if (!found) {
+    LOG(ERROR) << "Invalid device_id : " << device_id;
+    return false;
+  }
+
+  bundle* b = bundle_decode(appcontrol, len);
+  if (!b) {
+    LOG(ERROR) << "Invalid bundle data!";
+    return false;
+  }
+
+  const char* appid_cstr = aul_svc_get_appid(b);
+  if (!appid_cstr) {
+    LOG(ERROR) << "Failed to get appid!";
+    bundle_free(b);
+    return false;
+  }
+
+  std::string appid(appid_cstr);
+  std::vector<Capability> cap_list = cm->GetCapabilities();
+  for (const auto& cap : cap_list) {
+    if (appid == cap.appid()) {
+      LOG(INFO) << "Found appcontrol!";
+      bundle_free(b);
+      return true;
+    }
+  }
+
+  LOG(ERROR) << "Invalid appcontrol!";
+  bundle_free(b);
+  return false;
+}
+
 int AppControlManager::AulHandler(aul_type type, bundle* kb, void* data) {
   return 0;
 }

diff --git a/src/common/appcontrol_manager.h b/src/common/appcontrol_manager.h
index b069d351ea773f186dfb1b2509a7b6c68d52767d..c202e58862af56057caa5064cd834d8ba8b39301 100644 (file)
--- a/src/common/appcontrol_manager.h
+++ b/src/common/appcontrol_manager.h
@@ -37,6 +37,8 @@ class AppControlManager {
       void* data);
   bool CheckRemoteAppControl(const std::string& device_id,
       const unsigned char* appcontrol, size_t len);
+  bool CheckAppControl(const std::string& device_id, CapabilityManager* cm,
+      const unsigned char* appcontrol, size_t len);
 
  private:
   class AppControlReplyHandler {

diff --git a/src/common/db_manager.cc b/src/common/db_manager.cc
index bddf225793b0af84f8a23e17a8b1c976fcb4d493..57d6d607006781e7983962cfd64ab3d1dabca4e1 100644 (file)
--- a/src/common/db_manager.cc
+++ b/src/common/db_manager.cc
@@ -127,7 +127,7 @@ bool DBManager::DeleteDevice(const RemoteDevice& device) {
   return true;
 }
 
-std::vector<RemoteDevice> DBManager::SelectDevice() {
+std::vector<RemoteDevice> DBManager::SelectDevices() {
   auto guard = Instance().sql_conn_->GetTransactionGuard();
   std::shared_ptr<SQLStatement> stmt = Instance().sql_conn_->PrepareStatement(
       kQuerySelectDev);
@@ -137,7 +137,7 @@ std::vector<RemoteDevice> DBManager::SelectDevice() {
   }
 
   std::vector<RemoteDevice> dev_list;
-  while (stmt && stmt->Step() == SQLStatement::StepResult::ROW) {
+  while (stmt->Step() == SQLStatement::StepResult::ROW) {
     int idx = 0;
     std::string device_id = stmt->GetColumnString(idx++);
     std::string model_name = stmt->GetColumnString(idx++);

diff --git a/src/common/db_manager.h b/src/common/db_manager.h
index b1f7f60d7c1f4621392a318426006ec5b8f69d34..ce4cedfb374f6476ec34b2aa987de96dd86de8ef 100644 (file)
--- a/src/common/db_manager.h
+++ b/src/common/db_manager.h
@@ -22,7 +22,7 @@ class DBManager {
  public:
   static bool InsertDevice(const RemoteDevice& device);
   static bool DeleteDevice(const RemoteDevice& device);
-  static std::vector<RemoteDevice> SelectDevice();
+  static std::vector<RemoteDevice> SelectDevices();
   static bool InsertCapability(const std::string& device_id,
       const Capability& cap);
   static bool InsertCapabilities(const std::string& device_id,

diff --git a/src/common/mdg_manager.cc b/src/common/mdg_manager.cc
index 075f06b63a9a0d0987913eec80d9028bfbaf4e45..2488d4d0936b534321fdbc885f04115c17a576e4 100755 (executable)
--- a/src/common/mdg_manager.cc
+++ b/src/common/mdg_manager.cc
@@ -216,6 +216,13 @@ void MDGManager::ReceiveDataCb(int result, char* device_id, char* channel_id,
     struct sender_info* info = new struct sender_info;
     info->device_id = device_id;
     info->msg_id = msg_id;
+
+    if (!AppControlManager::GetAppControlManager().CheckAppControl(
+        device_id, mdgmgr->capmgr_, data, datasize)) {
+      LOG(ERROR) << "The appcontrol is not valid";
+      return;
+    }
+
     if (!AppControlManager::GetAppControlManager().LaunchApplication(
         data, datasize, info))
       LOG(ERROR) << "Failed to launch application";
@@ -455,7 +462,7 @@ void MDGManager::HandlePackageEvent(const std::string& pkgid,
     delete info;
   }
 
-  std::vector<RemoteDevice> dev_list = DBManager::SelectDevice();
+  std::vector<RemoteDevice> dev_list = DBManager::SelectDevices();
   for (auto& dev : dev_list) {
     switch (event_type) {
       case PackageEventListener::EventType::INSTALL: