From 7a1d3bc562ea25630fe90943cad7e73ae4a06367 Mon Sep 17 00:00:00 2001 From: Myungki Lee Date: Tue, 12 Jul 2016 22:52:31 +0900 Subject: [PATCH] Check uid in notification_create func Change-Id: Ifd9b3e1558b3a3eac2291003be097ea167e9fdb6 Signed-off-by: Myungki Lee --- src/notification.c | 63 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 36 insertions(+), 27 deletions(-) diff --git a/src/notification.c b/src/notification.c index 7063a80..d1a0f2a 100755 --- a/src/notification.c +++ b/src/notification.c @@ -49,6 +49,8 @@ static void (*posted_toast_message_cb) (void *data); #define NOTI_TEXT_RESULT_LEN 2048 #define NOTI_PKGNAME_LEN 512 +#define REGULAR_UID_MIN 5000 + char *notification_get_pkgname_by_pid(void) { char pkgname[NOTI_PKGNAME_LEN + 1] = { 0, }; @@ -1423,7 +1425,6 @@ static notification_h _notification_create(notification_type_e type) else if (type == NOTIFICATION_TYPE_ONGOING) noti->layout = NOTIFICATION_LY_ONGOING_PROGRESS; - noti->caller_pkgname = notification_get_pkgname_by_pid(); noti->group_id = NOTIFICATION_GROUP_ID_NONE; noti->sound_type = NOTIFICATION_SOUND_TYPE_NONE; noti->vibration_type = NOTIFICATION_VIBRATION_TYPE_NONE; @@ -1432,40 +1433,48 @@ static notification_h _notification_create(notification_type_e type) noti->auto_remove = true; noti->ongoing_flag = false; - err_app_manager = app_manager_get_app_id(getpid(), &app_id); - if (err_app_manager != APP_MANAGER_ERROR_NONE || app_id == NULL) { - NOTIFICATION_WARN("app_manager_get_app_id failed err[%d] app_id[%p]", err_app_manager, app_id); - goto out; - } + if (getuid() >= REGULAR_UID_MIN) { + noti->caller_pkgname = notification_get_pkgname_by_pid(); - /* app name is used as domain name */ - /* domain_name is allocated by app_get_package_app_name */ - err_app_manager = app_get_package_app_name(app_id, &domain_name); + err_app_manager = app_manager_get_app_id(getpid(), &app_id); + if (err_app_manager != APP_MANAGER_ERROR_NONE || app_id == NULL) { + NOTIFICATION_WARN("app_manager_get_app_id failed err[%d] app_id[%p]", + err_app_manager, app_id); + goto out; + } - if (err_app_manager != APP_ERROR_NONE || domain_name == NULL) { - NOTIFICATION_WARN("app_get_package_app_name failed err[%d] domain_name[%p]", err_app_manager, domain_name); - goto out; - } + /* app name is used as domain name */ + /* domain_name is allocated by app_get_package_app_name */ + err_app_manager = app_get_package_app_name(app_id, &domain_name); - err_app_manager = package_info_create(noti->caller_pkgname, &package_info); + if (err_app_manager != APP_ERROR_NONE || domain_name == NULL) { + NOTIFICATION_WARN("app_get_package_app_name failed err[%d] domain_name[%p]", + err_app_manager, domain_name); + goto out; + } - if (err_app_manager != PACKAGE_MANAGER_ERROR_NONE || package_info == NULL) { - NOTIFICATION_WARN("package_info_create failed err[%d] package_info[%p] caller_pkgname[%s]", - err_app_manager, package_info, noti->caller_pkgname); - goto out; - } - err_app_manager = package_info_get_root_path(package_info, &app_root_path); + err_app_manager = package_info_create(noti->caller_pkgname, &package_info); - if (err_app_manager != PACKAGE_MANAGER_ERROR_NONE || app_root_path == NULL) { - NOTIFICATION_WARN("package_info_get_root_path failed err[%d] app_root_path[%p]", err_app_manager, app_root_path); - goto out; - } + if (err_app_manager != PACKAGE_MANAGER_ERROR_NONE || package_info == NULL) { + NOTIFICATION_WARN("package_info_create failed err[%d] package_info[%p] caller_pkgname[%s]", + err_app_manager, package_info, noti->caller_pkgname); + goto out; + } - snprintf(locale_directory, PATH_MAX, "%s/res/locale", app_root_path); + err_app_manager = package_info_get_root_path(package_info, &app_root_path); - noti->domain = strdup(domain_name); - noti->dir = strdup(locale_directory); + if (err_app_manager != PACKAGE_MANAGER_ERROR_NONE || app_root_path == NULL) { + NOTIFICATION_WARN("package_info_get_root_path failed err[%d] app_root_path[%p]", + err_app_manager, app_root_path); + goto out; + } + + snprintf(locale_directory, PATH_MAX, "%s/res/locale", app_root_path); + + noti->domain = strdup(domain_name); + noti->dir = strdup(locale_directory); + } out: if (domain_name) -- 2.7.4