Check validity of Smack labels in API function arguments.

[Issue#]       N/A
[Feature]      Catch errors with invalid Smack labels.
[Cause]        API users are passing invalid strings as Smack labels.
[Solution]     Implement internal checking of Smack labels.
[Verification] Build

Change-Id: I60d5e03fe687f5c85da2571b90c01cc94cf6d210

diff --git a/src/privilege-control.c b/src/privilege-control.c
index 6e8f4bb..96711e2 100644 (file)
--- a/src/privilege-control.c
+++ b/src/privilege-control.c
@@ -278,6 +278,37 @@ error:
 }
 
 #ifdef SMACK_ENABLED
+/* TODO: implement such function in libsmack instead */
+static int smack_label_is_valid(const char* smack_label)
+{
+       C_LOGD("Enter function: %s", __func__);
+       int i;
+
+       if (!smack_label || smack_label[0] == '\0' || smack_label[0] != '-')
+               goto err;
+
+       for (i = 0; smack_label[i]; ++i) {
+               if (i >= SMACK_LABEL_LEN)
+                       return 0;
+               switch (smack_label[i]) {
+               case '~':
+               case ' ':
+               case '/':
+               case '"':
+               case '\\':
+               case '\'':
+                       goto err;
+               default:
+                       break;
+               }
+       }
+
+       return 1;
+err:
+       C_LOGE("Invalid Smack label: %s", smack_label);
+       return 0;
+}
+
 /**
  * Set process SMACK label from EXEC label of a file.
  * This function is emulating EXEC label behaviour of SMACK for programs