From 2906cdafd12e4414bcf261b2b7e74c97ebe6a5e7 Mon Sep 17 00:00:00 2001
From: Sooyoung Ha
Date: Tue, 19 Sep 2017 11:36:33 +0900
Subject: [PATCH] secure: change insecure system function system() -> fork() + execve()
Change-Id: I0a8a062013dddfbce03f11ddb6e02962775eb3e9
Signed-off-by: Sooyoung Ha
---
 src/sdb.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 50 insertions(+), 3 deletions(-)
diff --git a/src/sdb.c b/src/sdb.c
index 7b81403..f614bfb 100644
--- a/src/sdb.c
+++ b/src/sdb.c
@@ -1671,6 +1671,29 @@ static int init_sdk_userinfo() {
 return 0;
 }
+static int safe_system(char *cmd, char *argv[], char *envp[]) {
+ pid_t pid;
+ int status;
+
+ pid = fork();
+ switch (pid) {
+ case -1:
+ return -1;
+ case 0:
+ execve(cmd, argv, envp);
+ D("- exec '%s' failed: (errno:%d) -\n", cmd, errno);
+ exit(-1);
+ default:
+ for (;;) {
+ pid_t p = waitpid(pid, &status, 0);
+ if (p == pid) {
+ break;
+ }
+ }
+ }
+ return 0;
+}
+
 static void init_sdk_requirements() {
 struct stat st;
@@ -1684,11 +1707,35 @@ static void init_sdk_requirements() {
 if (g_sdk_home_dir != NULL && stat(g_sdk_home_dir, &st) == 0) {
 if (st.st_uid != g_sdk_user_id || st.st_gid != g_sdk_group_id) {
- char cmd[128];
- snprintf(cmd, sizeof(cmd), "/usr/bin/chown %s:%s %s -R", SDK_USER_NAME, SDK_USER_NAME, g_sdk_home_dir);
- if (system(cmd) < 0) {
+ char* cmd = "/usr/bin/chown";
+ char params[128];
+ char* envp[128];
+ int envp_cnt = 0;
+ int i = 0;
+
+ envp[envp_cnt++] = g_strdup("TERM=linux");
+ envp[envp_cnt++] = g_strdup("DISPLAY=:0");
+ envp[envp_cnt] = NULL;
+
+ snprintf(params, sizeof(params), "%s %s:%s %s -R", cmd, SDK_USER_NAME, SDK_USER_NAME, g_sdk_home_dir);
+
+ char* args[] = {
+ cmd,
+ params,
+ NULL,
+ };
+ if (safe_system(cmd, args, envp) < 0) {
 D("failed to change ownership to sdk user to %s\n", g_sdk_home_dir);
 }
+
+ /* free environment variables */
+ if (envp_cnt > 0) {
+ for (i = 0; i < envp_cnt; i++) {
+ if (envp[i]) {
+ g_free(envp[i]);
+ }
+ }
+ }
 }
 }
--
2.7.4
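Review bot: safe_system() returns 0 whenever fork() succeeds, because the parent never looks at `status` after waitpid(). A failed execve() or a non-zero exit from the child is therefore reported as success, and the caller's `< 0` check can only ever catch a fork failure. The `for (;;)` loop also has no way out when waitpid() returns -1 for a reason other than EINTR, so the parent would spin forever. In the child, `exit(-1)` runs the parent's atexit handlers and flushes inherited stdio buffers, which `_exit(127)` avoids. The fence below shows the return path checking WIFEXITED/WEXITSTATUS and leaving the loop on a waitpid() error.

```c
    case 0:
        /* … unchanged: execve() call and D() log … */
        _exit(127);
    default:
        for (;;) {
            pid_t p = waitpid(pid, &status, 0);
            /* … unchanged: break when p == pid … */
            if (p < 0 && errno != EINTR) {
                return -1;
            }
        }
    }
    if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
        return -1;
    }
    return 0;
```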
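Review bot: `args` hands chown the entire command line as one argv[1] string (`params`), but execve() does no word splitting, so chown sees a single operand and exits with a usage error. The ownership of `g_sdk_home_dir` is then never corrected, and since safe_system() returns 0 regardless, nothing is logged. Each argument should be its own argv element, which also removes the 128-byte `params` buffer and its silent truncation of long paths: `char owner[64];`, `snprintf(owner, sizeof(owner), "%s:%s", SDK_USER_NAME, SDK_USER_NAME);`, `char* args[] = { cmd, "-R", owner, g_sdk_home_dir, NULL };`. The heap-allocated `TERM`/`DISPLAY` entries look unnecessary for chown, so a static `char* envp[] = { NULL };` would drop the g_strdup/g_free bookkeeping. init_sdk_requirements() begins before this hunk and continues after it, so this is based only on the visible lines.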