commit b871e5d6b3b4a214c7f19bdfca7663f1fe49fda8
author Nick Kralevich <nnk@google.com> Fri Jan 25 21:52:00 2013 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Fri Jan 25 21:52:00 2013 +0000
tree 06678c237ade4a15cfdf977235212dc6582ab50d
parent 82ef8296dc5e25b9cc8e7231f9515f50185dac9d
parent c16961b8c3b932716b2e576c5877d39411b453cc

Merge "system_properties: do more checking of file"

libc/bionic/system_properties.c

diff --git a/libc/bionic/system_properties.c b/libc/bionic/system_properties.c
index a1312af..c9cf2f7 100644
--- a/libc/bionic/system_properties.c
+++ b/libc/bionic/system_properties.c
@@ -69,6 +69,7 @@
 int __system_properties_init(void)
 {
     bool fromFile = true;
+    int result = -1;
 
     if(__system_property_area__ != ((void*) &dummy_props)) {
         return 0;
@@ -96,26 +97,35 @@
 
     struct stat fd_stat;
     if (fstat(fd, &fd_stat) < 0) {
-        return -1;
+        goto cleanup;
+    }
+
+    if ((fd_stat.st_uid != 0)
+            || (fd_stat.st_gid != 0)
+            || ((fd_stat.st_mode & (S_IWGRP | S_IWOTH)) != 0)) {
+        goto cleanup;
     }
 
     prop_area *pa = mmap(0, fd_stat.st_size, PROT_READ, MAP_SHARED, fd, 0);
 
-    if (fromFile) {
-        close(fd);
-    }
-
     if (pa == MAP_FAILED) {
-        return -1;
+        goto cleanup;
     }
 
     if((pa->magic != PROP_AREA_MAGIC) || (pa->version != PROP_AREA_VERSION)) {
         munmap(pa, fd_stat.st_size);
-        return -1;
+        goto cleanup;
     }
 
     __system_property_area__ = pa;
-    return 0;
+    result = 0;
+
+cleanup:
+    if (fromFile) {
+        close(fd);
+    }
+
+    return result;
 }
 
 const prop_info *__system_property_find_nth(unsigned n)