projects / platform / core / multimedia / mmsvc-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4a89350)
Fix the bug which the received vaule of multiple fds is invalid 77/93977/5 accepted/tizen/3.0/ivi/20161028.133918 accepted/tizen/3.0/mobile/20161028.133023 accepted/tizen/3.0/tv/20161028.133341 accepted/tizen/3.0/wearable/20161028.133651 accepted/tizen/common/20161027.073659 accepted/tizen/ivi/20161027.055030 accepted/tizen/mobile/20161027.054933 accepted/tizen/tv/20161027.055004 accepted/tizen/wearable/20161027.055020 submit/tizen/20161027.030209 submit/tizen_3.0/20161028.062323 submit/tizen_3.0/20161028.082423
authorYoungHun Kim <yh8004.kim@samsung.com>
Wed, 26 Oct 2016 11:15:25 +0000 (20:15 +0900)
committerYoungHun Kim <yh8004.kim@samsung.com>
Wed, 26 Oct 2016 12:04:13 +0000 (21:04 +0900)
Change-Id: Iac1aba5d22e34f9e3f48c27b48694ca043014217

src/muse_core_ipc.c patch | blob | history

diff --git a/src/muse_core_ipc.c b/src/muse_core_ipc.c
index d73de0d..44a249e 100644 (file)
--- a/src/muse_core_ipc.c
+++ b/src/muse_core_ipc.c
@@ -620,13 +620,14 @@ int muse_core_ipc_recv_msg(int sock_fd, char *msg)
 int muse_core_ipc_recv_fd_msg(int sock_fd, char *buf, int *out_fd)
 {
        int ret = MM_ERROR_NONE;
+       int idx = 0;
+       int *fds;
        struct cmsghdr *cptr;
        struct msghdr msg;
        struct iovec iov;
        size_t completed_msg_len = 0;
        char data[CMSG_SPACE(sizeof(int) * MUSE_NUM_FD)];
        char err_msg[MAX_ERROR_MSG_LEN] = {'\0',};
-       int idx;
 
        g_return_val_if_fail(buf != NULL, MM_ERROR_INVALID_ARGUMENT);
 
@@ -651,16 +652,17 @@ int muse_core_ipc_recv_fd_msg(int sock_fd, char *buf, int *out_fd)
        }
 
        if (out_fd) {
-               /* When muse_core_ipc_send_fd_msg is called, cptr is null because send_fd is -1 (EBADF ERROR) */
-               cptr = CMSG_FIRSTHDR(&msg);
+               for (idx = 0; idx < MUSE_NUM_FD; idx++)
+                       out_fd[idx] = SOCK_ERR;
 
-               for (idx = 0; idx < MUSE_NUM_FD; idx++) {
-                       if (cptr == NULL) {
-                               out_fd[idx] = SOCK_ERR; /* you can check that idx is the last pointer */
-                               break;
+               cptr = CMSG_FIRSTHDR(&msg);
+               if (cptr) {
+                       fds = (int *) CMSG_DATA(cptr);
+                       for (idx = 0; idx < MUSE_NUM_FD; idx++) {
+                               if (fds[idx] < STDERR_FILENO || muse_core_ipc_is_valid_fd(fds[idx]) == FALSE)
+                                       break;
+                               out_fd[idx] = fds[idx];
                        }
-                       out_fd[idx] = *(int *)CMSG_DATA(cptr);
-                       cptr = CMSG_NXTHDR(&msg, cptr);
                }
        }
 
@@ -776,7 +778,8 @@ int muse_core_ipc_get_fd(muse_module_h module, int *fd)
 int muse_core_ipc_set_fd(muse_module_h module, int fd)
 {
        g_return_val_if_fail(module, MM_ERROR_INVALID_ARGUMENT);
-       if (muse_core_ipc_is_valid_fd(fd) != TRUE) {
+
+       if (fd < STDERR_FILENO || muse_core_ipc_is_valid_fd(fd) != TRUE) {
                LOGE("invalid fd: %d", fd);
                return MM_ERROR_INVALID_ARGUMENT;
        }
Domain: Multimedia / Media Common;