From 5e91052bc28849cccbd94b1e6a5dad8d966e9c57 Mon Sep 17 00:00:00 2001 From: Suyeon Hwang Date: Thu, 6 Jan 2022 20:31:56 +0900 Subject: [PATCH] Get library name from vconf Current code tries to get full path of dependency module from vconf of system. This means that framework allows to use annonymous library which is installed on any location. However, this behavior might allow to access malicious code and this would become critical problem. To solve this issue, this patch fix that the code gets the file name of library from the vconf. By this patch, all dependency module libraries should be installed predetermined location. The location is read only directory, so malicious code can not be located. Change-Id: I5ab83609229a0fe84b152894b3935d586859c98a Signed-off-by: Suyeon Hwang --- server/dependency_audio_manager.cpp | 12 ++++++------ server/dependency_audio_manager.h | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/server/dependency_audio_manager.cpp b/server/dependency_audio_manager.cpp index 8e2f6b0..f10abaa 100644 --- a/server/dependency_audio_manager.cpp +++ b/server/dependency_audio_manager.cpp @@ -41,13 +41,13 @@ int dependency_audio_manager_initialize(sound_stream_info_h stream_info_h, depen const int FILEPATH_LEN = 512; char filepath[FILEPATH_LEN] = {'\0', }; - char *vconf_str = vconf_get_str(VCD_DEPENDENCY_MODULE_PATH); - if (vconf_str) { - snprintf(filepath, FILEPATH_LEN - 1, "%s", vconf_str); - free(vconf_str); + const char *module_directory_path = VCD_DEPENDENCY_MODULE_DIRECTORY_PATH; + char *module_library_name = vconf_get_str(VCD_DEPENDENCY_MODULE_NAME); + if (module_library_name) { + snprintf(filepath, FILEPATH_LEN - 1, "%s/%s", module_directory_path, module_library_name); + free(module_library_name); } else { - const char *default_path = VCD_DEPENDENCY_DEFAULT_PATH; - snprintf(filepath, FILEPATH_LEN - 1, "%s/%s", default_path, VCD_DEPENDENCY_DEFAULT_FILENAME); + snprintf(filepath, FILEPATH_LEN - 1, "%s/%s", module_directory_path, VCD_DEPENDENCY_DEFAULT_FILENAME); } filepath[FILEPATH_LEN - 1] = '\0'; diff --git a/server/dependency_audio_manager.h b/server/dependency_audio_manager.h index 9568379..073ebf4 100644 --- a/server/dependency_audio_manager.h +++ b/server/dependency_audio_manager.h @@ -30,13 +30,13 @@ extern "C" { /************************************************************************************** *** Definitions for dependencies *************************************************************************************/ -#define VCD_DEPENDENCY_DEFAULT_PATH tzplatform_mkpath(tzplatform_getid("TZ_SYS_RO_SHARE"), "voice/vc/1.0/dependency-audio-manager") +#define VCD_DEPENDENCY_MODULE_DIRECTORY_PATH tzplatform_mkpath(tzplatform_getid("TZ_SYS_RO_SHARE"), "voice/vc/1.0/dependency-audio-manager") #ifdef TV_PRODUCT #define VCD_DEPENDENCY_DEFAULT_FILENAME "libaudio-manager-vd.so" #else #define VCD_DEPENDENCY_DEFAULT_FILENAME "libvc-audio-manager.so" #endif -#define VCD_DEPENDENCY_MODULE_PATH "db/voice/vc/dependency_module_path" +#define VCD_DEPENDENCY_MODULE_NAME "db/voice/vc/dependency_module_name" typedef int (*dependency_audio_manager_feed_audio_data)(const void* data, const unsigned int length); -- 2.34.1