From: Sangjin Lee <lsj119@samsung.com>
Date: Fri, 21 Jul 2017 04:45:32 +0000 (+0900)
Subject: dump: add function to check whether file is link or not
X-Git-Tag: accepted/tizen/3.0/common/20170728.153342~2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=9c53a2fab3418baf84d5148e4ff39f5065eb64bb;p=platform%2Fcore%2Fuifw%2Flibtbm.git

dump: add function to check whether file is link or not

According to security code guide, before open the file for write it
should be check the file is symbolic link.

Change-Id: I8248e58292e17d67f0381e50a56571902f4fb8a2
---

diff --git a/src/tbm_surface_internal.c b/src/tbm_surface_internal.c
index 09c298b..e03570d 100644
--- a/src/tbm_surface_internal.c
+++ b/src/tbm_surface_internal.c
@@ -369,6 +369,29 @@ _tbm_surface_internal_destroy(tbm_surface_h surface)
 	}
 }
 
+static int
+_tbm_surface_check_file_is_valid(const char* path, int del_link)
+{
+	char *real_path;
+
+	if (!path)
+		return 0;
+
+	real_path = realpath(path, NULL);
+	if (real_path && strncmp(path, real_path, strlen(path))) {
+		if (del_link)
+			unlink(path);
+		free(real_path);
+
+		return 0;
+	}
+
+	if (real_path)
+		free(real_path);
+
+	return 1;
+}
+
 int
 tbm_surface_internal_is_valid(tbm_surface_h surface)
 {
@@ -1502,10 +1525,15 @@ static void
 _tbm_surface_internal_dump_file_raw(const char *file, void *data1, int size1,
 				void *data2, int size2, void *data3, int size3)
 {
-	FILE *fp = fopen(file, "w+");
-	TBM_RETURN_IF_FAIL(fp != NULL);
+	FILE *fp;
 	unsigned int *blocks;
 
+	if (!_tbm_surface_check_file_is_valid(file, 1))
+		TBM_LOG_E("%s is symbolic link\n", file);
+
+	fp = fopen(file, "w+");
+	TBM_RETURN_IF_FAIL(fp != NULL);
+
 	blocks = (unsigned int *)data1;
 	fwrite(blocks, 1, size1, fp);
 
@@ -1526,12 +1554,17 @@ static void
 _tbm_surface_internal_dump_file_png(const char *file, const void *data, int width, int height)
 {
 	unsigned int *blocks = (unsigned int *)data;
-	FILE *fp = fopen(file, "wb");
-	TBM_RETURN_IF_FAIL(fp != NULL);
+	FILE *fp;
 	const int pixel_size = 4;	// RGBA
 	png_bytep *row_pointers;
 	int depth = 8, y;
 
+	if (!_tbm_surface_check_file_is_valid(file, 1))
+		TBM_LOG_E("%s is symbolic link\n", file);
+
+	fp = fopen(file, "wb");
+	TBM_RETURN_IF_FAIL(fp != NULL);
+
 	png_structp pPngStruct = png_create_write_struct(PNG_LIBPNG_VER_STRING,
 							NULL, NULL, NULL);
 	if (!pPngStruct) {