From: Minje Ahn Date: Thu, 8 Feb 2018 06:40:23 +0000 (+0900) Subject: [SATIZENVUL-1319]Add cynara check when batch queries X-Git-Tag: accepted/tizen/unified/20180213.132815~4 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F53%2F169653%2F3;p=platform%2Fcore%2Fmultimedia%2Fmedia-server.git [SATIZENVUL-1319]Add cynara check when batch queries Change-Id: I8c3a80d9d693708c675732035e746a199c121c52 Signed-off-by: Minje Ahn --- diff --git a/src/server/media-server-socket.c b/src/server/media-server-socket.c index 5a151d0..e23342c 100755 --- a/src/server/media-server-socket.c +++ b/src/server/media-server-socket.c @@ -660,6 +660,7 @@ void _ms_process_tcp_message(gpointer data, gpointer user_data) ms_comm_msg_s recv_msg; int client_sock = GPOINTER_TO_INT(data); int send_msg = MS_MEDIA_ERR_NONE; + ms_peer_credentials creds; while (1) { if (power_off == TRUE) { @@ -667,8 +668,9 @@ void _ms_process_tcp_message(gpointer data, gpointer user_data) break; } memset((void *)&recv_msg, 0, sizeof(ms_comm_msg_s)); + memset(&creds, 0, sizeof(creds)); - ret = ms_ipc_receive_message_tcp(client_sock, &recv_msg); + ret = ms_cynara_receive_untrusted_message(client_sock, &recv_msg, &creds); if (ret != MS_MEDIA_ERR_NONE) { media_db_request_update_db_batch_clear(); MS_DBG_ERR("ms_ipc_receive_message_tcp failed [%d]", ret); @@ -676,6 +678,18 @@ void _ms_process_tcp_message(gpointer data, gpointer user_data) goto ERROR; } + if (ms_cynara_check(&creds, CONTENT_WRITE_PRIVILEGE) != MS_MEDIA_ERR_NONE) { + media_db_request_update_db_batch_clear(); + MS_SAFE_FREE(creds.smack); + MS_SAFE_FREE(creds.uid); + MS_DBG_ERR("Permission denied"); + send_msg = MS_MEDIA_ERR_PERMISSION_DENIED; + goto ERROR; + } + + MS_SAFE_FREE(creds.smack); + MS_SAFE_FREE(creds.uid); + if (!MS_STRING_VALID(recv_msg.msg)) { send_msg = MS_MEDIA_ERR_INVALID_PARAMETER; goto ERROR;