#include <gio/gio.h>
#include <eventsystem.h>
#include <fcntl.h>
+#include <aul.h>
#include "eventsystem.h"
#include "eventsystem_internal.h"
static int __eventsystem_check_user_send_validation(const char *event_name);
static int __eventsystem_request_destination_list(const char *event_name, GList **dest_list);
-static int __eventsystem_check_sender_validation(int sender_pid,
+static int __eventsystem_check_sender_validation(int sender_pid, uid_t sender_uid,
const char *event_name, char **sender);
static eventmap_s *__create_eventmap(const char *interface_name,
const char *member_name, const char *event_name,
return pid;
}
+static uid_t __eventsystem_get_sender_uid(GDBusConnection *conn, const char *sender_name)
+{
+ GDBusMessage *msg = NULL;
+ GDBusMessage *reply = NULL;
+ GError *err = NULL;
+ GVariant *body;
+ uid_t uid = -1;
+
+ msg = g_dbus_message_new_method_call("org.freedesktop.DBus", "/org/freedesktop/DBus",
+ "org.freedesktop.DBus", "GetConnectionUnixUser");
+ if (!msg) {
+ _E("Can't allocate new method call");
+ goto out;
+ }
+
+ g_dbus_message_set_body(msg, g_variant_new("(s)", sender_name));
+ reply = g_dbus_connection_send_message_with_reply_sync(conn, msg,
+ G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, NULL, NULL, &err);
+
+ if (!reply) {
+ if (err != NULL) {
+ _E("Failed to get uid [%s]", err->message);
+ g_error_free(err);
+ }
+ goto out;
+ }
+
+ body = g_dbus_message_get_body(reply);
+ g_variant_get(body, "(u)", &uid);
+
+out:
+ if (msg)
+ g_object_unref(msg);
+ if (reply)
+ g_object_unref(reply);
+
+ return uid;
+}
+
static char *__get_object_path(char *interface_name)
{
int i;
return member_name;
}
-static int __check_validation_usrevent_sender(int sender_pid,
+static int __check_validation_usrevent_sender(int sender_pid, uid_t sender_uid,
const char *interface_name, const char *event_name)
{
char *sender_id = NULL;
char *key = NULL;
char *val = NULL;
- if (__eventsystem_check_sender_validation(sender_pid,
+ if (__eventsystem_check_sender_validation(sender_pid, sender_uid,
event_name, &sender_id) < 0) {
_E("invalid user-event sender");
return ES_R_EINVAL;
key = strdup(interface_name);
if (key == NULL) {
_E("out of memory");
- g_free(sender_id);
+ free(sender_id);
return ES_R_ENOMEM;
}
if (val == NULL) {
_E("out of memory");
free(key);
- g_free(sender_id);
+ free(sender_id);
return ES_R_ENOMEM;
}
g_hash_table_insert(filter_tbl, key, val);
- g_free(sender_id);
+ free(sender_id);
return ES_R_OK;
}
}
static void __eventsystem_application_event_handler(int sender_pid,
- const gchar *interface_name, const gchar *signal_name,
+ uid_t sender_uid, const gchar *interface_name, const gchar *signal_name,
GVariant *parameters, gpointer user_data)
{
GList *cb_list;
return;
}
- if (sender_pid > 0 && __check_interface_validation_user((char *)interface_name)) {
- if (__check_validation_usrevent_sender(sender_pid,
+ if (sender_pid > 0 && sender_uid > 0 &&
+ __check_interface_validation_user((char *)interface_name)) {
+ if (__check_validation_usrevent_sender(sender_pid, sender_uid,
(const char *)interface_name, em->event_name) < 0) {
_E("invalid sender");
return;
{
char *sender_id = NULL;
int sender_pid = -1;
+ uid_t sender_uid = -1;
_D("sender_name(%s), interface_name(%s)", sender_name, interface_name);
g_rec_mutex_unlock(&__rec_mutex);
return;
}
- _D("sender_pid(%d)", sender_pid);
+
+ sender_uid = __eventsystem_get_sender_uid(connection, sender_name);
+ if (sender_uid <= 0) {
+ _E("failed to get uid of sender(%s)", sender_name);
+ return;
+ }
+ _D("sender_pid(%d), sender_uid(%d)", sender_pid, sender_uid);
}
- __eventsystem_application_event_handler(sender_pid, interface_name,
+ __eventsystem_application_event_handler(sender_pid, sender_uid, interface_name,
signal_name, parameters, user_data);
g_rec_mutex_unlock(&__rec_mutex);
g_rec_mutex_lock(&__rec_mutex);
- __eventsystem_application_event_handler(-1, interface_name,
+ __eventsystem_application_event_handler(-1, -1, interface_name,
signal_name, parameters, user_data);
g_rec_mutex_unlock(&__rec_mutex);
return ret;
}
-static int __eventsystem_check_sender_validation(int sender_pid, const char *event_name,
- char **sender_id)
+static int __check_userevent_name_validation(const char *event_name,
+ const char *app_id)
{
- int ret = ES_R_EINVAL;
- GDBusConnection *conn = NULL;
- GError *error = NULL;
- GDBusProxy *proxy = NULL;
- GVariant *param = NULL;
- GVariant *value = NULL;
- gint result = 0;
+ size_t event_name_len;
+ char valid_name[256];
+ size_t last_dot_pos;
- if (!_initialized)
- __initialize();
+ if (event_name == NULL || app_id == NULL) {
+ _E("invalid param\n");
+ return -1;
+ }
- if (__get_gdbus_shared_connection(&conn, G_BUS_TYPE_SYSTEM, ES_TYPE_SYSTEM) < 0) {
- _E("getting gdbus-connetion error");
- ret = ES_R_ERROR;
- goto out_1;
+ event_name_len = strlen(event_name);
+ if (event_name_len == 0 || event_name_len > 256) {
+ _E("invalid length of event name\n");
+ return -1;
}
- proxy = g_dbus_proxy_new_sync(conn,
- G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES, NULL,
- ESD_BUS_NAME, ESD_OBJECT_PATH, ESD_INTERFACE_NAME,
- NULL, &error);
- if (proxy == NULL) {
- _E("failed to create new proxy, error(%s)", error ? error->message : "");
- g_error_free(error);
- ret = ES_R_ERROR;
- goto out_1;
+ const char *p = strrchr(event_name, '.');
+ if (p == NULL) {
+ return -1;
}
- param = g_variant_new("(is)", sender_pid, event_name);
- value = g_dbus_proxy_call_sync(proxy, "CheckSenderValidation", param,
- G_DBUS_CALL_FLAGS_NONE, -1, NULL, &error);
- if (error != NULL) {
- _E("proxy call sync error(%s)", error->message);
- g_error_free(error);
- ret = ES_R_ERROR;
- goto out_2;
+ last_dot_pos = p - event_name;
+ strncpy(valid_name, event_name, last_dot_pos);
+ valid_name[last_dot_pos] = '\0';
+
+ if (strncmp(valid_name, event_name, strlen(valid_name))!= 0) {
+ _E("%s is not valid[%s] for appid : %s", event_name, valid_name, app_id);
+ return -1;
}
- g_variant_get(value, "(is)", &result, sender_id);
+ return 0;
+}
- _D("result(%d)", result);
+static int __eventsystem_check_sender_validation(int sender_pid,
+ uid_t sender_uid, const char *event_name, char **sender_id)
+{
+ int ret = 0;
+ char app_id[128] = {0, };
- if (result == 1)
- ret = ES_R_OK;
-out_2:
- g_object_unref(proxy);
- g_variant_unref(value);
-out_1:
- if (conn)
- g_object_unref(conn);
+ if (!_initialized)
+ __initialize();
- return ret;
+ ret = aul_app_get_appid_bypid_for_uid(sender_pid, app_id, sizeof(app_id), sender_uid);
+ if (ret != AUL_R_OK) {
+ _E("failed to get appid by pid");
+ return ES_R_ERROR;
+ }
+
+ _D("pid(%d)-uid(%d)-appid(%s)", sender_pid, sender_uid, app_id);
+ *sender_id = strdup(app_id);
+
+ if (__check_userevent_name_validation(event_name, app_id) != 0) {
+ free(*sender_id);
+ *sender_id = NULL;
+ return ES_R_ERROR;
+ }
+
+ return ES_R_OK;
}
static int __eventsystem_check_user_send_validation(const char *event_name)
GVariant *param = NULL;
GVariant *value = NULL;
gint result = 0;
+ pid_t pid = getpid();
+ uid_t uid = getuid();
+ char app_id[128] = {0, };
if (!_initialized)
__initialize();
- if (getuid() < REGULAR_USER)
+ if (uid < REGULAR_USER)
return ES_R_OK;
+ /* This feature is specific to the 'pkgcmd' command.
+ example) TCT is executed in a 5001 user environment, but it cannot have privileges. */
+ ret = aul_app_get_appid_bypid_for_uid(pid, app_id, sizeof(app_id), uid);
+ if (ret == AUL_R_ERROR) {
+ _W("failed to get appid by pid[%d]. Because it is not app, so bypass it", pid);
+ return ES_R_OK;
+ }
+
if (__get_gdbus_shared_connection(&conn, G_BUS_TYPE_SYSTEM, ES_TYPE_SYSTEM) < 0) {
_E("getting gdbus-connetion error");
ret = ES_R_ERROR;
projects / platform / core / appfw / libeventsystem.git / commitdiff