Check insert option when iptables commit

Change-Id: Iabf6dfda8008ebe93ce81cf3bab07c2eaef7a99c
Signed-off-by: hyunuktak <hyunuk.tak@samsung.com>

diff --git a/include/stc-manager.h b/include/stc-manager.h
index 1658bc6..9496953 100644 (file)
--- a/include/stc-manager.h
+++ b/include/stc-manager.h
@@ -36,6 +36,7 @@
 #define STC_IPTABLES "/usr/sbin/iptables"
 #define STC_IP6TABLES "/usr/sbin/ip6tables"
 
+#define STC_CMD_INSERT "-I"
 #define STC_CMD_SIZE 256
 
 #define STC_DEBUG_LOG (stc_util_get_debuglog())

diff --git a/src/monitor/stc-monitor-proc.c b/src/monitor/stc-monitor-proc.c
index 8bd13a7..e3d2457 100755 (executable)
--- a/src/monitor/stc-monitor-proc.c
+++ b/src/monitor/stc-monitor-proc.c
@@ -38,7 +38,6 @@ static void __proc_remove_pid(gpointer key, gpointer value,
 {
        stc_app_value_s *app_value = (stc_app_value_s *)value;
        remove_pid_context_s *context = (remove_pid_context_s *)data;
-       guint pid_count = 0;
 
        if (!g_hash_table_remove(app_value->processes, GUINT_TO_POINTER(context->pid)))
                return;

diff --git a/src/stc-firewall.c b/src/stc-firewall.c
old mode 100755 (executable)
new mode 100644 (file)

diff --git a/src/stc-manager.c b/src/stc-manager.c
old mode 100755 (executable)
new mode 100644 (file)
index 7b4876a..a61a8ac
--- a/src/stc-manager.c
+++ b/src/stc-manager.c
@@ -178,6 +178,13 @@ int stc_commit_iptables(char *cmd, int *err_num, char **err_str)
 
        if (pid == 0) {
                errno = 0;
+
+               if (!g_strcmp0(args[1], STC_CMD_INSERT)) {
+                       STC_LOGE("Invalid arguments");
+                       g_strfreev(args);
+                       exit(-1);
+               }
+
                if (execv(args[0], args) == -1) {
                        STC_LOGE("Failed to execute [%s]", *err_str);
                        g_strfreev(args);

diff --git a/src/stc-restriction.c b/src/stc-restriction.c
old mode 100755 (executable)
new mode 100644 (file)