From 9835efab532504182c99b07e7abfbe9c8053ad22 Mon Sep 17 00:00:00 2001 From: sunghyun kim Date: Wed, 9 May 2018 17:13:44 +0900 Subject: [PATCH] Use fread() for checking smack - A character buffer that has not been null terminated is passed to a function expecting a null terminated string - So use fread() for avoid this issue Change-Id: I40befbaf0793736514ed7d0167567464c912b219 --- .../widget_view_manager_impl.cpp | 28 ++++++++----------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/widget_viewer_dali/internal/widget_view_manager/widget_view_manager_impl.cpp b/widget_viewer_dali/internal/widget_view_manager/widget_view_manager_impl.cpp index 9eb205c..58ff0ca 100644 --- a/widget_viewer_dali/internal/widget_view_manager/widget_view_manager_impl.cpp +++ b/widget_viewer_dali/internal/widget_view_manager/widget_view_manager_impl.cpp @@ -83,11 +83,12 @@ static bool IsWidgetFeatureEnabled() static bool CheckPrivilege( const char* privilege ) { cynara* cynara; - int fd = 0; int ret = 0; - char subjectLabel[SMACK_LABEL_LENGTH + 1] = ""; + char subjectLabel[ SMACK_LABEL_LENGTH + 1 ] = ""; + char labelPath[ SMACK_LABEL_LENGTH + 1 ] = "/proc/self/attr/current"; char uid[10] = { 0, }; const char* clientSession = ""; + FILE *fp = NULL; ret = cynara_initialize( &cynara, NULL ); if( ret != CYNARA_API_SUCCESS ) @@ -95,23 +96,18 @@ static bool CheckPrivilege( const char* privilege ) return false; } - fd = open( "/proc/self/attr/current", O_RDONLY ); - if( fd < 0 ) + fp = fopen( labelPath , "r" ); + if(fp != NULL) { - cynara_finish( cynara ); - return false; - } - - ret = read( fd, subjectLabel, SMACK_LABEL_LENGTH ); - if( ret < 0 ) - { - close( fd ); - cynara_finish( cynara ); - return false; + if (fread( subjectLabel, 1, sizeof(subjectLabel), fp) <= 0) + { + fclose(fp); + cynara_finish( cynara ); + return false; + } + fclose(fp); } - close( fd ); - snprintf( uid, 10, "%d", getuid() ); ret = cynara_check( cynara, subjectLabel, clientSession, uid, privilege ); -- 2.34.1