From 9cd0240ec63551f9de39eca7b182dc08db1d9f7e Mon Sep 17 00:00:00 2001 From: YoungHun Kim Date: Wed, 26 Oct 2016 20:15:25 +0900 Subject: [PATCH] Fix the bug which the received vaule of multiple fds is invalid Change-Id: Iac1aba5d22e34f9e3f48c27b48694ca043014217 --- src/muse_core_ipc.c | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/src/muse_core_ipc.c b/src/muse_core_ipc.c index d73de0d..44a249e 100644 --- a/src/muse_core_ipc.c +++ b/src/muse_core_ipc.c @@ -620,13 +620,14 @@ int muse_core_ipc_recv_msg(int sock_fd, char *msg) int muse_core_ipc_recv_fd_msg(int sock_fd, char *buf, int *out_fd) { int ret = MM_ERROR_NONE; + int idx = 0; + int *fds; struct cmsghdr *cptr; struct msghdr msg; struct iovec iov; size_t completed_msg_len = 0; char data[CMSG_SPACE(sizeof(int) * MUSE_NUM_FD)]; char err_msg[MAX_ERROR_MSG_LEN] = {'\0',}; - int idx; g_return_val_if_fail(buf != NULL, MM_ERROR_INVALID_ARGUMENT); @@ -651,16 +652,17 @@ int muse_core_ipc_recv_fd_msg(int sock_fd, char *buf, int *out_fd) } if (out_fd) { - /* When muse_core_ipc_send_fd_msg is called, cptr is null because send_fd is -1 (EBADF ERROR) */ - cptr = CMSG_FIRSTHDR(&msg); + for (idx = 0; idx < MUSE_NUM_FD; idx++) + out_fd[idx] = SOCK_ERR; - for (idx = 0; idx < MUSE_NUM_FD; idx++) { - if (cptr == NULL) { - out_fd[idx] = SOCK_ERR; /* you can check that idx is the last pointer */ - break; + cptr = CMSG_FIRSTHDR(&msg); + if (cptr) { + fds = (int *) CMSG_DATA(cptr); + for (idx = 0; idx < MUSE_NUM_FD; idx++) { + if (fds[idx] < STDERR_FILENO || muse_core_ipc_is_valid_fd(fds[idx]) == FALSE) + break; + out_fd[idx] = fds[idx]; } - out_fd[idx] = *(int *)CMSG_DATA(cptr); - cptr = CMSG_NXTHDR(&msg, cptr); } } @@ -776,7 +778,8 @@ int muse_core_ipc_get_fd(muse_module_h module, int *fd) int muse_core_ipc_set_fd(muse_module_h module, int fd) { g_return_val_if_fail(module, MM_ERROR_INVALID_ARGUMENT); - if (muse_core_ipc_is_valid_fd(fd) != TRUE) { + + if (fd < STDERR_FILENO || muse_core_ipc_is_valid_fd(fd) != TRUE) { LOGE("invalid fd: %d", fd); return MM_ERROR_INVALID_ARGUMENT; } -- 2.7.4