Check whether symbolic link or real file

If open a file in write mode and do not check whether the file is a symbolic link or not, the file can be overwritten unintentionally.
So, this commit will check whether the file is symbolic link or real file.

Change-Id: I9db8c0287b479ef7474a2525fc1de3bd39e47e22

diff --git a/common/vc_info_parser.c b/common/vc_info_parser.c
index d4b48ac..56ce84b 100644 (file)
--- a/common/vc_info_parser.c
+++ b/common/vc_info_parser.c
@@ -364,6 +364,45 @@ int vc_info_parser_unset_result(bool exclusive)
        return ret;
 }
 
+static int __is_symbolic_link(const char* path, bool* is_symbolic)
+{
+       extern int errno;
+       int ret = VC_ERROR_NONE;
+       *is_symbolic = true;
+       char real_path[PATH_MAX];
+       SLOG(LOG_DEBUG, vc_info_tag(), "[DEBUG] path: %s ", path);
+       if (realpath(path, real_path) != NULL) {
+               if (strncmp(path, real_path, strlen(path) + 1) == 0) {
+                       SLOG(LOG_DEBUG, vc_info_tag(), "[DEBUG] %s is real file, not symbolic link", path);
+                       *is_symbolic = false;
+               } else {
+                       char temp_path[PATH_MAX];
+                       if (getcwd(temp_path, PATH_MAX)) {
+                               strncat(temp_path, "/", sizeof(temp_path) - strlen(temp_path) - 1);
+                               strncat(temp_path, path, sizeof(temp_path) - strlen(temp_path) - 1);
+                               if (strncmp(temp_path, real_path, strlen(temp_path) + 1) == 0) {
+                                       SLOG(LOG_DEBUG, vc_info_tag(), "[DEBUG] %s is real file, not symbolic link", path);
+                                       *is_symbolic = false;
+                               }
+                       }
+               }
+
+               if (*is_symbolic == true)
+                       SLOG(LOG_ERROR, vc_info_tag(), "[INFO] %s is symbolic link", path);
+               return VC_ERROR_NONE;
+       } else {
+               *is_symbolic = false;
+               if (errno == ENOENT) {
+                       SLOG(LOG_DEBUG, vc_info_tag(), "[DEBUG] No such file or directory: %s", path);
+                       return VC_ERROR_OPERATION_REJECTED;
+               } else {
+                       SLOG(LOG_ERROR, vc_info_tag(), "[ERROR] error is %d", errno);
+                       return VC_ERROR_OPERATION_FAILED;
+               }
+       }
+       return ret;
+}
+
 int vc_info_parser_set_nlu_result(const char* nlu_result)
 {
        if (NULL == nlu_result) {
@@ -380,6 +419,13 @@ int vc_info_parser_set_nlu_result(const char* nlu_result)
        FILE* fp = NULL;
        int write_size = -1;
 
+       bool is_symbolic = true;
+       int ret = __is_symbolic_link(VC_RUNTIME_INFO_NLU_RESULT, &is_symbolic);
+       if (is_symbolic || VC_ERROR_OPERATION_FAILED == ret) {
+               SLOG(LOG_ERROR, vc_info_tag(), "[ERROR] Fail to open file, it is symbolic link : %s", VC_RUNTIME_INFO_NLU_RESULT);
+               return -1;
+       }
+
        fp = fopen(VC_RUNTIME_INFO_NLU_RESULT, "w+");
        if (NULL == fp) {
                SLOG(LOG_ERROR, vc_info_tag(), "[ERROR] Fail to open file %s", VC_RUNTIME_INFO_NLU_RESULT);