Add validity checks for `SwitchUser` method

author Adam Michalski <a.michalski2@partner.samsung.com>

Fri, 13 May 2022 16:45:04 +0000 (18:45 +0200)

committer Adam Michalski <a.michalski2@partner.samsung.com>

Tue, 17 May 2022 16:43:15 +0000 (18:43 +0200)
author Adam Michalski <a.michalski2@partner.samsung.com>
Fri, 13 May 2022 16:45:04 +0000 (18:45 +0200)
committer Adam Michalski <a.michalski2@partner.samsung.com>
Tue, 17 May 2022 16:43:15 +0000 (18:43 +0200)
diff --git a/sessiond/src/fs_helpers.cpp b/sessiond/src/fs_helpers.cpp

index 0fcf0f3..966f724 100644 (file)
--- a/sessiond/src/fs_helpers.cpp
+++ b/sessiond/src/fs_helpers.cpp
@@ -164,6 +164,20 @@ void fs_helpers::create_main_subdirectory(const int session_uid, std::string_vie
                         + "` subdirectory");
  }
  
+bool fs_helpers::subsession_exists(const int session_uid, const int subsession_id) try {
+       std::string home_dir = fs_helpers::get_home_dir_by_user_id(session_uid);
+       std::string main_dir = std::move(home_dir) + "/" + main_dir_name.data();
+       std::string subsession_dir = std::move(main_dir) + "/" + std::to_string(subsession_id);
+       fs::path subsession_path { subsession_dir };
+       return fs::exists(subsession_path);
+}
+catch (std::exception const &ex) {
+       std::cerr << "Exception " << ex.what() << std::endl
+               << "while executing subsession_exists function [session_uid=" << session_uid
+               << " subsession_id=" << subsession_id << "]" << std::endl;
+       return false;
+}
+
  void fs_helpers::add_user_subsession(const int session_uid, const int subsession_id)
  {
         try {
diff --git a/sessiond/src/fs_helpers.h b/sessiond/src/fs_helpers.h

index 8b61be5..333740c 100644 (file)
--- a/sessiond/src/fs_helpers.h
+++ b/sessiond/src/fs_helpers.h
@@ -18,6 +18,7 @@ namespace fs_helpers
         void copy_ownership(std::string_view src_path, std::string_view dest_path);
         std::string get_smack_label(std::string_view src_path, smack_label_type type);
         void copy_smack_attributes(std::string_view src_path, std::string_view dest_path);
+       bool subsession_exists(const int session_uid, const int subsession_id);
         void add_user_subsession(const int session_uid, const int subsession_id);
         void remove_user_subsession(const int session_uid, const int subsession_id);
         std::vector<int> get_user_list(const int session_uid);
diff --git a/sessiond/src/main.cpp b/sessiond/src/main.cpp

index c5b8c6e..0c0d76c 100644 (file)
--- a/sessiond/src/main.cpp
+++ b/sessiond/src/main.cpp
@@ -175,6 +175,11 @@ struct sessiond_context {
                         return;
                 }
  
+               if (!fs_helpers::subsession_exists(session_uid, next_subsession_id)) {
+                       g_dbus_method_invocation_return_dbus_error(invocation, "org.freedesktop.DBus.Error.FileNotFound", "Invalid UID or subsession passed");
+                       return;
+               }
+
                 switch_id += 1;
  
                 int prev_subsession_id = INITIAL_SUB_SESSION_ID;
author	Adam Michalski <a.michalski2@partner.samsung.com>
	Fri, 13 May 2022 16:45:04 +0000 (18:45 +0200)
committer	Adam Michalski <a.michalski2@partner.samsung.com>
	Tue, 17 May 2022 16:43:15 +0000 (18:43 +0200)
sessiond/src/fs_helpers.cpp		patch \| blob \| history
sessiond/src/fs_helpers.h		patch \| blob \| history
sessiond/src/main.cpp		patch \| blob \| history