From a4cd4e14dbf55d87886f9e3558ce920b79174ed8 Mon Sep 17 00:00:00 2001 From: Jinhyung Jo Date: Wed, 11 Oct 2017 15:50:02 +0900 Subject: [PATCH 01/16] package: update version (3.0.42) Change-Id: I44989f6d30412a1b596e6da8a00314766e59e290 Signed-off-by: Jinhyung Jo --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 372ceb7..894d2ca 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.41 +Version: 3.0.42 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From 16d3e0f8ea8641fdde9fad332daeff37587d4138 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Mon, 16 Oct 2017 16:19:57 +0900 Subject: [PATCH 02/16] source: remove unused function Change-Id: I8df28769edca2a8028ddcf984c630c28f5f04d5b Signed-off-by: Sooyoung Ha --- CMakeLists.txt | 1 - src/fileutils.c | 49 ------------------------------------------------- src/fileutils.h | 6 ------ src/sdktools.c | 1 - 4 files changed, 57 deletions(-) delete mode 100644 src/fileutils.c delete mode 100644 src/fileutils.h diff --git a/CMakeLists.txt b/CMakeLists.txt index 3bc41e2..b839a10 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -46,7 +46,6 @@ SET(SDBD_SRCS src/sdktools.c src/strutils.c src/init.c - src/fileutils.c src/commandline_sdbd.c src/usb_linux_client.c src/usb_funcfs_client.c diff --git a/src/fileutils.c b/src/fileutils.c deleted file mode 100644 index bb5071b..0000000 --- a/src/fileutils.c +++ /dev/null @@ -1,49 +0,0 @@ -#include -#include -#include -#include -#include -#include - -static int recurse(const char *path, mode_t mode, int (*fn)(const char *,mode_t, int)) { - struct stat st; - char dir[PATH_MAX]; - - if (path == NULL) { - return -1; - } - if (lstat (path, &st) == -1) { - return -1; - } - if (strrchr(path, '/') != NULL) { - int n = strlen(path)-strlen(strrchr(path, '/')); - if (n >= PATH_MAX) { - return -1; - } - strncpy(dir, path, n); - dir[n] = '\0'; - fn(dir, mode,1); - return 1; - } - return -1; -} - -int sdb_chmod(const char *path, mode_t mode, int recursive) { -#ifdef HAVE_WIN32_PROC - fprintf(stderr, "error: sdb_chmod not implemented on Win32 (%s)\n", path); - return -1; -#else - struct stat st; - - if (stat (path, &st) == -1) - return -1; - - if (chmod (path, mode) == -1) { - return -1; - } - if (recursive) { - return recurse(path, mode, sdb_chmod); - } - return 1; -#endif -} diff --git a/src/fileutils.h b/src/fileutils.h deleted file mode 100644 index 4debc92..0000000 --- a/src/fileutils.h +++ /dev/null @@ -1,6 +0,0 @@ -#ifndef _FILEUTILS_H_ -#define _FILEUTILS_H_ - -int sdb_chmod(const char *path, mode_t mode, int recursive); -#endif - diff --git a/src/sdktools.c b/src/sdktools.c index 755625a..ddf4b18 100644 --- a/src/sdktools.c +++ b/src/sdktools.c @@ -17,7 +17,6 @@ #include "sdb.h" #include "sdktools.h" #include "strutils.h" -#include "fileutils.h" #include "utils.h" struct sudo_command root_commands[] = { -- 2.7.4 From c64c4afdd702d6647ef6d3d208bb4290880bd657 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Mon, 16 Oct 2017 16:20:38 +0900 Subject: [PATCH 03/16] package: update version (3.0.43) Change-Id: Ic67edc88fa0ac9fc377e912b1ef4e4ddff48d3f3 Signed-off-by: Sooyoung Ha --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 894d2ca..ea1aecd 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.42 +Version: 3.0.43 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From 118fbdcfaefb590afa25577c0f916420d10bd27d Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Wed, 18 Oct 2017 12:09:29 +0900 Subject: [PATCH 04/16] plugin: do not null assign saveptr of strtok_r Change-Id: I49b9f386f45cab131be0f22e9c53cffbf40161ed Signed-off-by: Sooyoung Ha --- src/default_plugin_appcmd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/default_plugin_appcmd.c b/src/default_plugin_appcmd.c index bd4986c..5338854 100644 --- a/src/default_plugin_appcmd.c +++ b/src/default_plugin_appcmd.c @@ -141,7 +141,7 @@ static int appcmd_rununittestapp_gen_shellcmd(appcmd_info* p_info) { char *usr_args = NULL; char *buf = p_info->shell_cmd; int len = sizeof(p_info->shell_cmd); - char *ptr = NULL; + char *ptr; char *p_service = NULL; char *p_appid = NULL; -- 2.7.4 From beef02b4c0bd16b6a4bcd71fa5ea7ae9705ebd5a Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Wed, 18 Oct 2017 12:10:47 +0900 Subject: [PATCH 05/16] package: update version (3.0.44) Change-Id: I68231790d5e787f4a170240867e2aff12720e762 Signed-off-by: Sooyoung Ha --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index ea1aecd..3ffe78f 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.43 +Version: 3.0.44 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From 9f30b23e7207be90669228aa77d26e01627754b2 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Tue, 28 Nov 2017 15:04:48 +0900 Subject: [PATCH 06/16] fopen: add realpath before fopen To prevent path-modification attack using symbolic link. Change-Id: Id5133df718b1e14a22849920082ff1717bc417e6 Signed-off-by: Sooyoung Ha --- src/sdb.c | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/src/sdb.c b/src/sdb.c index cd9bada..51f6b7e 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -1239,11 +1239,18 @@ int daemonize(void) { _exit(0); } #ifdef SDB_PIDPATH - FILE *f = fopen(SDB_PIDPATH, "w"); - - if (f != NULL) { - fprintf(f, "%d\n", getpid()); - fclose(f); + char* tmppath = NULL; + tmppath = realpath(SDB_PIDPATH, NULL); + if (tmppath == NULL && errno == ENOENT) { + FILE *f = fopen(SDB_PIDPATH, "w"); + + if (f != NULL) { + fprintf(f, "%d\n", getpid()); + fclose(f); + } + } else { + D("sdbd: %s file is existed. It might not work properly.\n", SDB_PIDPATH); + free(tmppath); } #endif if (setsid() == -1) -- 2.7.4 From 5b080d26317cca57b8d81dc3198d813a9ee6143a Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Tue, 28 Nov 2017 15:07:31 +0900 Subject: [PATCH 07/16] package: update version (3.0.45) Change-Id: I5027cfea49cbbf4024eccd20ff5cce0d25d3671f Signed-off-by: Sooyoung Ha --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 3ffe78f..f074854 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.44 +Version: 3.0.45 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From 3a1e3202ff61949f61eb6de69ddc53f5126f6f03 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Wed, 29 Nov 2017 16:11:13 +0900 Subject: [PATCH 08/16] capability: add device_name capability The device_name is the value of VCONFKEY_SETAPPL_DEVICE_NAME_STR vconf key. Change-Id: Ic0204387a2e9362e5d095e1191170218a291b90a Signed-off-by: Sooyoung Ha --- src/sdb.c | 15 +++++++++++++++ src/sdb.h | 1 + src/services.c | 17 +++++++++++++++++ 3 files changed, 33 insertions(+) diff --git a/src/sdb.c b/src/sdb.c index 51f6b7e..079d9fc 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -1909,6 +1909,21 @@ static void init_capabilities(void) { } + // Device name + value = vconf_get_str(VCONFKEY_SETAPPL_DEVICE_NAME_STR); + if(value) { + snprintf(g_capabilities.device_name, sizeof(g_capabilities.device_name), + "%s", value); + if (value != NULL) { + free(value); + } + } else { + snprintf(g_capabilities.device_name, sizeof(g_capabilities.device_name), + "%s", UNKNOWN); + D("fail to get the Device name:%d\n", errno); + } + + // Platform version ret = system_info_get_platform_string("http://tizen.org/feature/platform.version", &value); if (ret != SYSTEM_INFO_ERROR_NONE) { diff --git a/src/sdb.h b/src/sdb.h index 43a3bfe..b9fe393 100644 --- a/src/sdb.h +++ b/src/sdb.h @@ -289,6 +289,7 @@ typedef struct platform_capabilities char vendor_name[CAPBUF_ITEMSIZE]; // vendor name (ex. Tizen) char sdk_toolpath[CAPBUF_L_ITEMSIZE]; // sdk tool path char can_launch[CAPBUF_L_ITEMSIZE]; // target name + char device_name[CAPBUF_ITEMSIZE]; // device name char platform_version[CAPBUF_ITEMSIZE]; // platform version (ex. 2.3.0) char product_version[CAPBUF_ITEMSIZE]; // product version (ex. 1.0) diff --git a/src/services.c b/src/services.c index b8fd31a..180ce77 100644 --- a/src/services.c +++ b/src/services.c @@ -1047,6 +1047,23 @@ static void get_capability(int fd, void *cookie) { offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, "can_launch", g_capabilities.can_launch); + // Device name + char* value = NULL; + value = vconf_get_str(VCONFKEY_SETAPPL_DEVICE_NAME_STR); + if(value) { + snprintf(g_capabilities.device_name, sizeof(g_capabilities.device_name), + "%s", value); + if (value != NULL) { + free(value); + } + } else { + snprintf(g_capabilities.device_name, sizeof(g_capabilities.device_name), + "%s", UNKNOWN); + D("fail to get the Device name:%d\n", errno); + } + offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, + "device_name", g_capabilities.device_name); + // Platform version offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, "platform_version", g_capabilities.platform_version); -- 2.7.4 From 2773479202890fe53a9be956fcc12930d193e792 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Thu, 7 Dec 2017 01:22:36 +0900 Subject: [PATCH 09/16] install: apply install -g option Change-Id: Ib84bb299caa8c43aa5e49116b31db5b76fb9f4d6 Signed-off-by: Sooyoung Ha --- src/services.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/src/services.c b/src/services.c index 180ce77..20a1d57 100644 --- a/src/services.c +++ b/src/services.c @@ -1152,6 +1152,63 @@ void get_boot(int fd, void *cookie) { sdb_close(fd); } +#define GRANT_FILE "/opt/share/askuser_disable" +int grantfile_exist = 0; +// TODO remove debug codes (snprintf buf) +void handle_grantfile(int fd, void *cookie) { + char buf[2] = { 0, }; + int opcode = atoi((char*)cookie); + char* tmppath = NULL; + + if (opcode == 1) { // create + tmppath = realpath(GRANT_FILE, NULL); + if (tmppath == NULL && errno == ENOENT) { + grantfile_exist = 0; + FILE *f = fopen(GRANT_FILE, "w"); + + if (f != NULL) { + fclose(f); + snprintf(buf, sizeof(buf), "%s", " "); + } else { + D("sdbd: cannot create %s file, errno %d.\n", GRANT_FILE, errno); + snprintf(buf, sizeof(buf), "%s", "5"); + } + } else { + grantfile_exist = 1; + D("sdbd: %s file is already existed.\n", GRANT_FILE); + snprintf(buf, sizeof(buf), "%s", "3"); + free(tmppath); + } + } else if (opcode == 2) { // remove + if (grantfile_exist != 0) { + D("sdbd: %s file is already existed.\n", GRANT_FILE); + snprintf(buf, sizeof(buf), "%s", "4"); + } else { + tmppath = realpath(GRANT_FILE, NULL); + if (tmppath == NULL && errno == ENOENT) { + D("sdbd: cannot find %s file.\n", GRANT_FILE); + snprintf(buf, sizeof(buf), "%s", "6"); + } else if (tmppath != NULL && !strncmp(GRANT_FILE, tmppath, strlen(GRANT_FILE)+1)) { + sdb_unlink(GRANT_FILE); + snprintf(buf, sizeof(buf), "%s", " "); + free(tmppath); + } else { + D("sdbd: unknown error has occured.\n"); + snprintf(buf, sizeof(buf), "%s", "8"); + if (tmppath != NULL) { + free(tmppath); + } + } + } + } else { + // abnormal operation + D("sdbd: abnormal operation.\n"); + snprintf(buf, sizeof(buf), "%s", "9"); + } + writex(fd, buf, strlen(buf)); + sdb_close(fd); +} + int service_to_fd(const char *name) { int ret = -1; @@ -1254,6 +1311,8 @@ int service_to_fd(const char *name) char* env_variable = NULL; env_variable = strdup(name+14); ret = create_service_thread(get_tzplatform_env, (void *)(env_variable)); + } else if(!strncmp(name, "grantfile:", 10)){ + ret = create_service_thread(handle_grantfile, (void*)name+10); } else if(!strncmp(name, "appcmd:", 7)){ ret = request_appcmd_to_plugin(name+7); } -- 2.7.4 From b5e2341660359ff96a3787b27e1b212b3c431491 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Thu, 7 Dec 2017 01:23:25 +0900 Subject: [PATCH 10/16] package: update version (3.0.46) Change-Id: I3fd3e5cc10291c64daf083e525716f126fd36c57 Signed-off-by: Sooyoung Ha --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index f074854..e206b39 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.45 +Version: 3.0.46 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From 4932cc36e99998d178ee4a87dd294d9e9a603f34 Mon Sep 17 00:00:00 2001 From: "jihye424.kim" Date: Fri, 15 Dec 2017 15:41:27 +0900 Subject: [PATCH 11/16] appcmd: modify runapp command -- check type of application is widget or not before to run application Change-Id: I0d791cf802ab937a0273df9335e6d91774887d92 Signed-off-by: jihye424.kim --- src/default_plugin_appcmd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/default_plugin_appcmd.c b/src/default_plugin_appcmd.c index 5338854..c360f62 100644 --- a/src/default_plugin_appcmd.c +++ b/src/default_plugin_appcmd.c @@ -129,7 +129,7 @@ static int appcmd_runapp_gen_shellcmd(appcmd_info* p_info) { D("args: appid=%s\n", appid); snprintf(buf, len, "/usr/bin/pkginfo --app %s | grep component: | awk '{print $2}'" - " | while read var; do if [ $var = watchapp ]; then /usr/bin/app_launcher " + " | while read var; do if [ $var = watchapp ] || [ $var = widgetapp ]; then /usr/bin/app_launcher " "--start org.tizen.widget_viewer_sdk widget_id %s; else /usr/bin/app_launcher " "--start %s; fi; done", appid, appid, appid); -- 2.7.4 From b5abdd3a92965264e92a402a1c4cb767467c3e20 Mon Sep 17 00:00:00 2001 From: "jounsun.beak" Date: Fri, 1 Dec 2017 21:35:29 +0900 Subject: [PATCH 12/16] plugin: add verify_path to check valid path for push Change-Id: I0ae896d25fc4fb9c8bbf89fee16f3f04b3f70160 Signed-off-by: jounsun.beak --- src/default_plugin.h | 1 + src/default_plugin_basic.c | 24 ++++++++++++++++++++++++ src/default_plugin_main.c | 2 ++ src/file_sync_service.c | 6 ++++++ src/sdbd_plugin.h | 1 + 5 files changed, 34 insertions(+) diff --git a/src/default_plugin.h b/src/default_plugin.h index 0c8b5b9..9420d7c 100644 --- a/src/default_plugin.h +++ b/src/default_plugin.h @@ -27,6 +27,7 @@ int verify_sdbd_launch ( parameters* in, parameters* out ); int verify_root_cmd ( parameters* in, parameters* out ); int get_lock_state ( parameters* in, parameters* out ); int get_shell_env ( parameters* in, parameters* out ); +int verify_push ( parameters* in, parameters* out ); int auth_support ( parameters* in, parameters* out ); int auth_get_key_file_paths ( parameters* in, parameters* out ); diff --git a/src/default_plugin_basic.c b/src/default_plugin_basic.c index 0354377..18fed8a 100644 --- a/src/default_plugin_basic.c +++ b/src/default_plugin_basic.c @@ -250,3 +250,27 @@ int get_shell_env ( parameters* in, parameters* out ) return PLUGIN_CMD_SUCCESS; } +int verify_push ( parameters* in, parameters* out ) +{ + if ( in == NULL || in->number_of_parameter != 1 || in->array_of_parameter == NULL + || in->array_of_parameter[0].type != type_string ) { + D ( "Invalid argument\n" ); + return PLUGIN_CMD_FAIL; + } + + if ( out == NULL ) { + D ( "Invalid argument\n" ); + return PLUGIN_CMD_FAIL; + } + + out->number_of_parameter = 1; + out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } + out->array_of_parameter[0].type = type_int32; + out->array_of_parameter[0].v_int32 = PLUGIN_RET_VALID; + + return PLUGIN_CMD_SUCCESS; +} \ No newline at end of file diff --git a/src/default_plugin_main.c b/src/default_plugin_main.c index 37e5f54..9195449 100644 --- a/src/default_plugin_main.c +++ b/src/default_plugin_main.c @@ -58,6 +58,8 @@ int default_plugin_sync_proc ( int cmd, parameters* in, parameters* out ) ret = get_lock_state ( in, out ); } else if ( cmd == PLUGIN_SYNC_CMD_GET_SHELL_ENV ) { ret = get_shell_env ( in, out ); + } else if ( cmd == PLUGIN_SYNC_CMD_VERITY_PUSH ) { + ret = verify_push ( in, out ); } else { ret = PLUGIN_CMD_NOT_SUPPORT; } diff --git a/src/file_sync_service.c b/src/file_sync_service.c index f2da4c1..ec03f03 100644 --- a/src/file_sync_service.c +++ b/src/file_sync_service.c @@ -38,6 +38,7 @@ #include "sdktools.h" #include "sdbd_plugin.h" #include "utils.h" +#include "plugin.h" #define SYNC_TIMEOUT 15 @@ -467,6 +468,11 @@ static int do_send(int s, int noti_fd, char *path, char *buffer) return -1; } + if (!request_validity_to_plugin(PLUGIN_SYNC_CMD_VERITY_PUSH, path)) { + fail_message(s, "You cannot push files to this path."); + return -1; + } + tmp = strrchr(path,','); if(tmp) { *tmp = 0; diff --git a/src/sdbd_plugin.h b/src/sdbd_plugin.h index 0a9287a..d8cb702 100644 --- a/src/sdbd_plugin.h +++ b/src/sdbd_plugin.h @@ -34,6 +34,7 @@ #define PLUGIN_SYNC_CMD_AUTH_GET_KEY_FILEPATHS 1007 #define PLUGIN_SYNC_CMD_GET_LOCK_STATE 1008 #define PLUGIN_SYNC_CMD_GET_SHELL_ENV 1009 +#define PLUGIN_SYNC_CMD_VERITY_PUSH 1010 #define PLUGIN_SYNC_CMD_SEC_INIT 1100 #define PLUGIN_SYNC_CMD_SEC_DEINIT 1101 -- 2.7.4 From 408090ba7e23fd762ad1ac26e09670491afc2ade Mon Sep 17 00:00:00 2001 From: "adhavan.m" Date: Wed, 28 Mar 2018 18:22:46 +0530 Subject: [PATCH 13/16] Fix for sdbd security issues Change-Id: Ideaab3d8fb75eb21973ec12856cc5c82e58f90a8 Signed-off-by: adhavan.m --- src/default_plugin_appcmd.c | 37 +++++++++++++++++++++++-------------- src/services.c | 10 +++++----- 2 files changed, 28 insertions(+), 19 deletions(-) diff --git a/src/default_plugin_appcmd.c b/src/default_plugin_appcmd.c index c360f62..07396dc 100644 --- a/src/default_plugin_appcmd.c +++ b/src/default_plugin_appcmd.c @@ -82,14 +82,14 @@ static int appcmd_install_gen_shellcmd(appcmd_info* p_info) { if (strncmp(pkgid, "null", 4) == 0) { if (strncmp(teppath, "null", 4) == 0) { /* Normal install case */ - snprintf(buf, len, "pkgcmd -i -q -t %s -p %s -G", type, pkgpath); + snprintf(buf, len, "pkgcmd -i -q -t \'%s\' -p \'%s\' -G", type, pkgpath); } else { /* TEP install case */ - snprintf(buf, len, "pkgcmd -i -q -p %s -e %s -G", pkgpath, teppath); + snprintf(buf, len, "pkgcmd -i -q -p \'%s\' -e \'%s\' -G", pkgpath, teppath); } } else { /* Re-install case */ - snprintf(buf, len, "pkgcmd -r -q -t %s -n %s", type, pkgid); + snprintf(buf, len, "pkgcmd -r -q -t \'%s\' -n \'%s\'", type, pkgid); } return 0; @@ -109,7 +109,7 @@ static int appcmd_uninstall_gen_shellcmd(appcmd_info* p_info) { D("args: pkgid=%s\n", pkgid); - snprintf(buf, len, "pkgcmd -u -q -n %s", pkgid); + snprintf(buf, len, "pkgcmd -u -q -n \'%s\'", pkgid); return 0; } @@ -128,10 +128,10 @@ static int appcmd_runapp_gen_shellcmd(appcmd_info* p_info) { D("args: appid=%s\n", appid); - snprintf(buf, len, "/usr/bin/pkginfo --app %s | grep component: | awk '{print $2}'" + snprintf(buf, len, "/usr/bin/pkginfo --app \'%s\' | grep component: | awk '{print $2}'" " | while read var; do if [ $var = watchapp ] || [ $var = widgetapp ]; then /usr/bin/app_launcher " - "--start org.tizen.widget_viewer_sdk widget_id %s; else /usr/bin/app_launcher " - "--start %s; fi; done", appid, appid, appid); + "--start org.tizen.widget_viewer_sdk widget_id \'%s\'; else /usr/bin/app_launcher " + "--start \'%s\'; fi; done", appid, appid, appid); return 0; } @@ -164,7 +164,7 @@ static int appcmd_rununittestapp_gen_shellcmd(appcmd_info* p_info) { D("args: appid=%s, usr_args=%s\n", appid, usr_args); - snprintf(buf, len, "/usr/bin/app_launcher -s %s __AUL_SDK__ UNIT_TEST __LAUNCH_APP_MODE__ SYNC __DLP_UNIT_TEST_ARG__ \'%s\'", appid, usr_args); + snprintf(buf, len, "/usr/bin/app_launcher -s \'%s\' __AUL_SDK__ UNIT_TEST __LAUNCH_APP_MODE__ SYNC __DLP_UNIT_TEST_ARG__ \'%s\'", appid, usr_args); return 0; } @@ -183,7 +183,7 @@ static int appcmd_killapp_gen_shellcmd(appcmd_info* p_info) { D("args: appid=%s\n", appid); - snprintf(buf, len, "/usr/bin/app_launcher --kill %s", appid); + snprintf(buf, len, "/usr/bin/app_launcher --kill \'%s\'", appid); return 0; } @@ -202,7 +202,7 @@ static int appcmd_packagelist_gen_shellcmd(appcmd_info* p_info) { D("args: type=%s\n", type); - snprintf(buf, len, "/usr/bin/pkgcmd -l -t %s", type); + snprintf(buf, len, "/usr/bin/pkgcmd -l -t \'%s\'", type); return 0; } @@ -221,7 +221,7 @@ static int appcmd_debugwebapp_gen_shellcmd(appcmd_info* p_info) { D("args: appid=%s\n", appid); - snprintf(buf, len, "/usr/bin/app_launcher --start %s -w", appid); + snprintf(buf, len, "/usr/bin/app_launcher --start \'%s\' -w", appid); return 0; } @@ -249,10 +249,10 @@ static int appcmd_debugnativeapp_gen_shellcmd(appcmd_info* p_info) { D("args: debug_port=%s, appid=%s, pid=%d, gdbserver_path=%s\n", debug_port, appid, pid, gdbserver_path); if (pid == -1) { - snprintf(buf, len, "/usr/bin/app_launcher --start %s __AUL_SDK__ DEBUG __DLP_DEBUG_ARG__ :%s __DLP_GDBSERVER_PATH__ %s", appid, debug_port, gdbserver_path); + snprintf(buf, len, "/usr/bin/app_launcher --start \'%s\' __AUL_SDK__ DEBUG __DLP_DEBUG_ARG__ :\'%s\' __DLP_GDBSERVER_PATH__ \'%s\'", appid, debug_port, gdbserver_path); } else { /* attach mode */ - snprintf(buf, len, "/usr/bin/launch_debug %s __AUL_SDK__ ATTACH __DLP_GDBSERVER_PATH__ %s __DLP_ATTACH_ARG__ --attach,:%s,%d", appid, gdbserver_path, debug_port, pid); + snprintf(buf, len, "/usr/bin/launch_debug \'%s\' __AUL_SDK__ ATTACH __DLP_GDBSERVER_PATH__ \'%s\' __DLP_ATTACH_ARG__ --attach,:\'%s\',%d", appid, gdbserver_path, debug_port, pid); } return 0; @@ -272,7 +272,7 @@ static int appcmd_appinfo_gen_shellcmd(appcmd_info* p_info) { D("args: pkgid=%s\n", pkgid); - snprintf(buf, len, "/usr/bin/pkginfo --list %s", pkgid); + snprintf(buf, len, "/usr/bin/pkginfo --list \'%s\'", pkgid); return 0; } @@ -374,6 +374,9 @@ static void appcmd_receiver_packagelist(int fd_in, int fd_out) } sub2[0] = '\0'; + if ((out_ptr + strlen(sub1) + 1) > sizeof(out_buf)) { + break; + } snprintf(out_buf+out_ptr, sizeof(out_buf)-out_ptr, ":%s", sub1); out_ptr += strlen(sub1)+1; } @@ -415,12 +418,18 @@ static void appcmd_receiver_appinfo(int fd_in, int fd_out) memset(appid, 0, sizeof(appid)); sscanf(buf, "Appid: %127s", appid); + if ((out_ptr + strlen(appid) + 1) > sizeof(out_buf)) { + break; + } snprintf(out_buf+out_ptr, sizeof(out_buf)-out_ptr, ":%s", appid); out_ptr += strlen(appid)+1; } else if (!strncmp(buf, "Apptype: ", 9)) { memset(apptype, 0, sizeof(apptype)); sscanf(buf, "Apptype: %127s", apptype); + if ((out_ptr + strlen(apptype) + 1) > sizeof(out_buf)) { + break; + } snprintf(out_buf+out_ptr, sizeof(out_buf)-out_ptr, ":%s", apptype); out_ptr += strlen(apptype)+1; } diff --git a/src/services.c b/src/services.c index 20a1d57..06550fc 100644 --- a/src/services.c +++ b/src/services.c @@ -914,11 +914,11 @@ static void get_platforminfo(int fd, void *cookie) { pinfo sysinfo; char *value = NULL; - s_strncpy(sysinfo.platform_info_version, INFO_VERSION, strlen(INFO_VERSION)); + s_strncpy(sysinfo.platform_info_version, INFO_VERSION, sizeof(sysinfo.platform_info_version)); int r = system_info_get_platform_string("http://tizen.org/system/model_name", &value); if (r != SYSTEM_INFO_ERROR_NONE) { - s_strncpy(sysinfo.model_name, UNKNOWN, strlen(UNKNOWN)); + s_strncpy(sysinfo.model_name, UNKNOWN, sizeof(sysinfo.model_name)); D("fail to get system model:%d\n", errno); } else { s_strncpy(sysinfo.model_name, value, sizeof(sysinfo.model_name)); @@ -930,7 +930,7 @@ static void get_platforminfo(int fd, void *cookie) { r = system_info_get_platform_string("http://tizen.org/system/platform.name", &value); if (r != SYSTEM_INFO_ERROR_NONE) { - s_strncpy(sysinfo.platform_name, UNKNOWN, strlen(UNKNOWN)); + s_strncpy(sysinfo.platform_name, UNKNOWN, sizeof(sysinfo.platform_name)); D("fail to get platform name:%d\n", errno); } else { s_strncpy(sysinfo.platform_name, value, sizeof(sysinfo.platform_name)); @@ -944,7 +944,7 @@ static void get_platforminfo(int fd, void *cookie) { // FIXME: the result is different when using SYSTEM_INFO_KEY_TIZEN_VERSION_NAME r = system_info_get_platform_string("tizen.org/feature/platform.version", &value); if (r != SYSTEM_INFO_ERROR_NONE) { - s_strncpy(sysinfo.platform_version, UNKNOWN, strlen(UNKNOWN)); + s_strncpy(sysinfo.platform_version, UNKNOWN, sizeof(sysinfo.platform_version)); D("fail to get platform version:%d\n", errno); } else { s_strncpy(sysinfo.platform_version, value, sizeof(sysinfo.platform_version)); @@ -956,7 +956,7 @@ static void get_platforminfo(int fd, void *cookie) { r = system_info_get_platform_string("tizen.org/feature/profile", &value); if (r != SYSTEM_INFO_ERROR_NONE) { - s_strncpy(sysinfo.profile_name, UNKNOWN, strlen(UNKNOWN)); + s_strncpy(sysinfo.profile_name, UNKNOWN, sizeof(sysinfo.profile_name)); D("fail to get profile name:%d\n", errno); } else { s_strncpy(sysinfo.profile_name, value, sizeof(sysinfo.profile_name)); -- 2.7.4 From 3fc8676e0946a0fdb83b1066454b55a8be3de809 Mon Sep 17 00:00:00 2001 From: "adhavan.m" Date: Thu, 5 Apr 2018 15:32:42 +0530 Subject: [PATCH 14/16] Package: Update version (3.0.47) Change-Id: Icb026b148604632205500d60a8303f88ef036fde Signed-off-by: adhavan.m --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index e206b39..f72e983 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.46 +Version: 3.0.47 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From c3997a04a23f032a2817cd857cb786516f8dd0e3 Mon Sep 17 00:00:00 2001 From: "adhavan.m" Date: Tue, 10 Apr 2018 17:46:05 +0530 Subject: [PATCH 15/16] Added appcmd arguments parsing Change-Id: Ifb7c03e2659eac06d9f26740900e2d08d356893a Signed-off-by: adhavan.m --- src/default_plugin_appcmd.c | 258 ++++++++++++++++++++++++++++++-------------- src/strutils.c | 19 ++++ 2 files changed, 197 insertions(+), 80 deletions(-) diff --git a/src/default_plugin_appcmd.c b/src/default_plugin_appcmd.c index 07396dc..6d511c3 100644 --- a/src/default_plugin_appcmd.c +++ b/src/default_plugin_appcmd.c @@ -72,27 +72,47 @@ static int appcmd_install_gen_shellcmd(appcmd_info* p_info) { return -1; } - type = p_info->args[1]; - pkgpath = p_info->args[2]; - pkgid = p_info->args[3]; - teppath = p_info->args[4]; - - D("args: type=%s, pkgpath=%s, pkgid=%s, teppath=%s\n", type, pkgpath, pkgid, teppath); - - if (strncmp(pkgid, "null", 4) == 0) { - if (strncmp(teppath, "null", 4) == 0) { - /* Normal install case */ - snprintf(buf, len, "pkgcmd -i -q -t \'%s\' -p \'%s\' -G", type, pkgpath); - } else { - /* TEP install case */ - snprintf(buf, len, "pkgcmd -i -q -p \'%s\' -e \'%s\' -G", pkgpath, teppath); - } - } else { - /* Re-install case */ - snprintf(buf, len, "pkgcmd -r -q -t \'%s\' -n \'%s\'", type, pkgid); - } - - return 0; + type = parse_arg(p_info->args[1]); + pkgpath = parse_arg(p_info->args[2]); + pkgid = parse_arg(p_info->args[3]); + teppath = parse_arg(p_info->args[4]); + + if (type != NULL && pkgpath != NULL && pkgid != NULL && teppath != NULL) { + D("args: type=%s, pkgpath=%s, pkgid=%s, teppath=%s\n", type, pkgpath, pkgid, teppath); + + if (strncmp(pkgid, "null", 4) == 0) { + if (strncmp(teppath, "null", 4) == 0) { + /* Normal install case */ + snprintf(buf, len, "pkgcmd -i -q -t %s -p %s -G", type, pkgpath); + } else { + /* TEP install case */ + snprintf(buf, len, "pkgcmd -i -q -p %s -e %s -G", pkgpath, teppath); + } + } else { + /* Re-install case */ + snprintf(buf, len, "pkgcmd -r -q -t %s -n %s", type, pkgid); + } + + free(type); + free(pkgpath); + free(pkgid); + free(teppath); + + return 0; + } + if (type != NULL) { + free(type); + } + if (pkgpath != NULL) { + free(pkgpath); + } + if (pkgid != NULL) { + free(pkgid); + } + if (teppath != NULL) { + free(teppath); + } + return -1; } static int appcmd_uninstall_gen_shellcmd(appcmd_info* p_info) { @@ -105,13 +125,18 @@ static int appcmd_uninstall_gen_shellcmd(appcmd_info* p_info) { return -1; } - pkgid = p_info->args[1]; + pkgid = parse_arg(p_info->args[1]); - D("args: pkgid=%s\n", pkgid); + if (pkgid != NULL) { + D("args: pkgid=%s\n", pkgid); - snprintf(buf, len, "pkgcmd -u -q -n \'%s\'", pkgid); + snprintf(buf, len, "pkgcmd -u -q -n %s", pkgid); - return 0; + free(pkgid); + + return 0; + } + return -1; } static int appcmd_runapp_gen_shellcmd(appcmd_info* p_info) { @@ -124,16 +149,21 @@ static int appcmd_runapp_gen_shellcmd(appcmd_info* p_info) { return -1; } - appid = p_info->args[1]; + appid = parse_arg(p_info->args[1]); - D("args: appid=%s\n", appid); + if (appid != NULL) { + D("args: appid=%s\n", appid); - snprintf(buf, len, "/usr/bin/pkginfo --app \'%s\' | grep component: | awk '{print $2}'" - " | while read var; do if [ $var = watchapp ] || [ $var = widgetapp ]; then /usr/bin/app_launcher " - "--start org.tizen.widget_viewer_sdk widget_id \'%s\'; else /usr/bin/app_launcher " - "--start \'%s\'; fi; done", appid, appid, appid); + snprintf(buf, len, "/usr/bin/pkginfo --app %s | grep component: | awk '{print $2}'" + " | while read var; do if [ $var = watchapp ] || [ $var = widgetapp ]; then /usr/bin/app_launcher " + "--start org.tizen.widget_viewer_sdk widget_id %s; else /usr/bin/app_launcher " + "--start %s; fi; done", appid, appid, appid); - return 0; + free(appid); + + return 0; + } + return -1; } static int appcmd_rununittestapp_gen_shellcmd(appcmd_info* p_info) { @@ -159,14 +189,26 @@ static int appcmd_rununittestapp_gen_shellcmd(appcmd_info* p_info) { p_info->args[1] = strdup(p_appid); p_info->args[2] = strdup(ptr); - appid = p_info->args[1]; - usr_args = p_info->args[2]; + appid = parse_arg(p_info->args[1]); + usr_args = parse_arg(p_info->args[2]); - D("args: appid=%s, usr_args=%s\n", appid, usr_args); + if (appid != NULL && usr_args != NULL) { + D("args: appid=%s, usr_args=%s\n", appid, usr_args); - snprintf(buf, len, "/usr/bin/app_launcher -s \'%s\' __AUL_SDK__ UNIT_TEST __LAUNCH_APP_MODE__ SYNC __DLP_UNIT_TEST_ARG__ \'%s\'", appid, usr_args); + snprintf(buf, len, "/usr/bin/app_launcher -s %s __AUL_SDK__ UNIT_TEST __LAUNCH_APP_MODE__ SYNC __DLP_UNIT_TEST_ARG__ \'%s\'", appid, usr_args); - return 0; + free(appid); + free(usr_args); + + return 0; + } + if (appid != NULL) { + free(appid); + } + if (usr_args != NULL) { + free(usr_args); + } + return -1; } static int appcmd_killapp_gen_shellcmd(appcmd_info* p_info) { @@ -179,13 +221,18 @@ static int appcmd_killapp_gen_shellcmd(appcmd_info* p_info) { return -1; } - appid = p_info->args[1]; + appid = parse_arg(p_info->args[1]); - D("args: appid=%s\n", appid); + if (appid != NULL) { + D("args: appid=%s\n", appid); - snprintf(buf, len, "/usr/bin/app_launcher --kill \'%s\'", appid); + snprintf(buf, len, "/usr/bin/app_launcher --kill %s", appid); - return 0; + free(appid); + + return 0; + } + return -1; } static int appcmd_packagelist_gen_shellcmd(appcmd_info* p_info) { @@ -198,13 +245,18 @@ static int appcmd_packagelist_gen_shellcmd(appcmd_info* p_info) { return -1; } - type = p_info->args[1]; + type = parse_arg(p_info->args[1]); - D("args: type=%s\n", type); + if (type != NULL) { + D("args: type=%s\n", type); - snprintf(buf, len, "/usr/bin/pkgcmd -l -t \'%s\'", type); + snprintf(buf, len, "/usr/bin/pkgcmd -l -t %s", type); - return 0; + free(type); + + return 0; + } + return -1; } static int appcmd_debugwebapp_gen_shellcmd(appcmd_info* p_info) { @@ -217,13 +269,18 @@ static int appcmd_debugwebapp_gen_shellcmd(appcmd_info* p_info) { return -1; } - appid = p_info->args[1]; + appid = parse_arg(p_info->args[1]); - D("args: appid=%s\n", appid); + if (appid != NULL) { + D("args: appid=%s\n", appid); - snprintf(buf, len, "/usr/bin/app_launcher --start \'%s\' -w", appid); + snprintf(buf, len, "/usr/bin/app_launcher --start %s -w", appid); - return 0; + free(appid); + + return 0; + } + return -1; } static int appcmd_debugnativeapp_gen_shellcmd(appcmd_info* p_info) { @@ -240,22 +297,42 @@ static int appcmd_debugnativeapp_gen_shellcmd(appcmd_info* p_info) { return -1; } - debug_port = p_info->args[1]; - appid= p_info->args[2]; - pid_str = p_info->args[3]; - gdbserver_path = p_info->args[4]; // not used. for 3.0 platform. + debug_port = parse_arg(p_info->args[1]); + appid= parse_arg(p_info->args[2]); + pid_str = parse_arg(p_info->args[3]); + gdbserver_path = parse_arg(p_info->args[4]); // not used. for 3.0 platform. - pid = atoi(pid_str); - D("args: debug_port=%s, appid=%s, pid=%d, gdbserver_path=%s\n", debug_port, appid, pid, gdbserver_path); + if (debug_port != NULL && appid != NULL && pid_str != NULL && gdbserver_path != NULL) { + pid = atoi(pid_str); + D("args: debug_port=%s, appid=%s, pid=%d, gdbserver_path=%s\n", debug_port, appid, pid, gdbserver_path); - if (pid == -1) { - snprintf(buf, len, "/usr/bin/app_launcher --start \'%s\' __AUL_SDK__ DEBUG __DLP_DEBUG_ARG__ :\'%s\' __DLP_GDBSERVER_PATH__ \'%s\'", appid, debug_port, gdbserver_path); - } else { - /* attach mode */ - snprintf(buf, len, "/usr/bin/launch_debug \'%s\' __AUL_SDK__ ATTACH __DLP_GDBSERVER_PATH__ \'%s\' __DLP_ATTACH_ARG__ --attach,:\'%s\',%d", appid, gdbserver_path, debug_port, pid); - } + if (pid == -1) { + snprintf(buf, len, "/usr/bin/app_launcher --start %s __AUL_SDK__ DEBUG __DLP_DEBUG_ARG__ :%s __DLP_GDBSERVER_PATH__ %s", appid, debug_port, gdbserver_path); + } else { + /* attach mode */ + snprintf(buf, len, "/usr/bin/launch_debug %s __AUL_SDK__ ATTACH __DLP_GDBSERVER_PATH__ %s __DLP_ATTACH_ARG__ --attach,:%s,%d", appid, gdbserver_path, debug_port, pid); + } - return 0; + free(debug_port); + free(appid); + free(pid_str); + free(gdbserver_path); + + return 0; + } + if (debug_port != NULL) { + free(debug_port); + } + if (appid != NULL) { + free(appid); + } + if (pid_str != NULL) { + free(pid_str); + } + if (gdbserver_path != NULL) { + free(gdbserver_path); + } + return -1; } static int appcmd_appinfo_gen_shellcmd(appcmd_info* p_info) { @@ -268,13 +345,18 @@ static int appcmd_appinfo_gen_shellcmd(appcmd_info* p_info) { return -1; } - pkgid = p_info->args[1]; + pkgid = parse_arg(p_info->args[1]); - D("args: pkgid=%s\n", pkgid); + if (pkgid != NULL) { + D("args: pkgid=%s\n", pkgid); - snprintf(buf, len, "/usr/bin/pkginfo --list \'%s\'", pkgid); + snprintf(buf, len, "/usr/bin/pkginfo --list %s", pkgid); - return 0; + free(pkgid); + + return 0; + } + return -1; } static void appcmd_receiver_debugwebapp(int fd_in, int fd_out) @@ -584,18 +666,29 @@ static void run_appcmd_packageinfo(appcmd_info* p_info) { return; } - type = p_info->args[1]; - pkgid= p_info->args[2]; + type = parse_arg(p_info->args[1]); + pkgid= parse_arg(p_info->args[2]); - D("args: type=%s, pkgid=%s\n", type, pkgid); + if (type != NULL && pkgid != NULL) { + D("args: type=%s, pkgid=%s\n", type, pkgid); - if (get_pkg_info(pkgid, pkginfo_buf, sizeof(pkginfo_buf)) == 0) { - D("success to get pkginfo. (%s)\n", pkginfo_buf); - p_info->exitcode = 0; - snprintf(result_buf, sizeof(result_buf), "\n%s:%s\n", MESSAGE_PREFIX_APPCMD_RETURN, pkginfo_buf); - writex(p_info->fd, result_buf, strlen(result_buf)); - } else { - D("failed to get pkginfo.\n"); + if (get_pkg_info(pkgid, pkginfo_buf, sizeof(pkginfo_buf)) == 0) { + D("success to get pkginfo. (%s)\n", pkginfo_buf); + p_info->exitcode = 0; + snprintf(result_buf, sizeof(result_buf), "\n%s:%s\n", MESSAGE_PREFIX_APPCMD_RETURN, pkginfo_buf); + writex(p_info->fd, result_buf, strlen(result_buf)); + } else { + D("failed to get pkginfo.\n"); + } + + free(type); + free(pkgid); + } + if (type != NULL) { + free(type); + } + if (pkgid != NULL) { + free(pkgid); } } #else @@ -609,13 +702,18 @@ static int appcmd_packageinfo_gen_shellcmd(appcmd_info* p_info) { return -1; } - pkgid = p_info->args[1]; + pkgid = parse_arg(p_info->args[1]); - D("args: pkgid=%s\n", pkgid); + if (pkgid != NULL) { + D("args: pkgid=%s\n", pkgid); - snprintf(buf, len, "/usr/bin/pkginfo --pkg %s;/usr/bin/pkgcmd -C -n %s", pkgid, pkgid); + snprintf(buf, len, "/usr/bin/pkginfo --pkg %s;/usr/bin/pkgcmd -C -n %s", pkgid, pkgid); - return 0; + free(pkgid); + + return 0; + } + return -1; } static void appcmd_receiver_packageinfo(int fd_in, int fd_out) diff --git a/src/strutils.c b/src/strutils.c index cba6a23..6ce53cf 100644 --- a/src/strutils.c +++ b/src/strutils.c @@ -91,3 +91,22 @@ char *s_strncpy(char *dest, const char *source, size_t n) { } return start; } + +char *parse_arg(char *arg) { + char *validstr = malloc(strlen(arg) * 2 + 1); + if(validstr == NULL) { + return NULL; + } + char *ret = validstr; + while(*arg) { + if (*arg == '!' || *arg == '&' || *arg == ';' || *arg == '|' || *arg == '(' || *arg == ')') { + *validstr='\\'; + validstr++; + } + *validstr=*arg; + validstr++; + arg++; + } + *validstr = '\0'; + return ret; +} -- 2.7.4 From f5677734bfa5de3b28e6d8a43db86c51a5dcac2c Mon Sep 17 00:00:00 2001 From: "adhavan.m" Date: Wed, 11 Apr 2018 15:25:03 +0530 Subject: [PATCH 16/16] Package: Update version (3.0.48) Change-Id: If328c6cf5005264310a1c6216a70101a0b7b4561 Signed-off-by: adhavan.m --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index f72e983..348e8cf 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.47 +Version: 3.0.48 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4