diff options
| author | Kenny Root <kroot@google.com> | 2012-03-28 15:15:29 -0700 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2012-03-28 15:15:29 -0700 |
| commit | 29dc792bcdd466efcdf068404760bcbbbd01017b (patch) | |
| tree | e724170ed5e8ad3b581ed4406dd781a0eb1eee3a | |
| parent | 15892e10a49b5b5f3d612228cd3e125cf3b43025 (diff) | |
| parent | dca76e6187c4128a17c8df5bcaca0db6993d91a1 (diff) | |
| download | system_core-29dc792bcdd466efcdf068404760bcbbbd01017b.zip system_core-29dc792bcdd466efcdf068404760bcbbbd01017b.tar.gz system_core-29dc792bcdd466efcdf068404760bcbbbd01017b.tar.bz2 | |
Merge "add IP checking for adb over TCP"
| -rw-r--r-- | adb/transport_local.c | 38 |
1 files changed, 36 insertions, 2 deletions
diff --git a/adb/transport_local.c b/adb/transport_local.c index 105c502..aeca280 100644 --- a/adb/transport_local.c +++ b/adb/transport_local.c @@ -21,6 +21,7 @@ #include "sysdeps.h" #include <sys/types.h> +#include <arpa/inet.h> #define TRACE_TAG TRACE_TRANSPORT #include "adb.h" @@ -151,10 +152,36 @@ static void *client_socket_thread(void *x) return 0; } +#if !ADB_HOST +static int is_whitelisted(struct sockaddr_in *addr) +{ + char value[PROPERTY_VALUE_MAX]; + + /* whitelist emulator */ + property_get("ro.kernel.qemu", value, ""); + if(!strcmp(value, "1")) { + return 1; + } + + /* whitelist "eng" and "tests" builds */ + property_get("ro.build.type", value, ""); + if(!strcmp(value, "eng") || !strcmp(value, "tests")) { + return 1; + } + + /* whitelist persist.service.adb.client_ip */ + property_get("persist.service.adb.client_ip", value, ""); + if(!strncmp(value, inet_ntoa(addr->sin_addr), sizeof(value))) { + return 1; + } + return 0; +} +#endif + static void *server_socket_thread(void * arg) { int serverfd, fd; - struct sockaddr addr; + struct sockaddr_in addr; socklen_t alen; int port = (int)arg; @@ -173,9 +200,16 @@ static void *server_socket_thread(void * arg) alen = sizeof(addr); D("server: trying to get new connection from %d\n", port); - fd = adb_socket_accept(serverfd, &addr, &alen); + fd = adb_socket_accept(serverfd, (struct sockaddr *)&addr, &alen); if(fd >= 0) { D("server: new connection on fd %d\n", fd); + #if !ADB_HOST + if(!is_whitelisted(&addr)) { + D("server: connection %d blacklisted and closed\n", port); + adb_close(fd); + continue; + } +#endif close_on_exec(fd); disable_tcp_nagle(fd); register_socket_transport(fd, "host", port, 1); |