property_service: better validate property names

Don't allow unexpected characters in property names. Don't allow double dots in property names. Bug: 10733330 Change-Id: I8d69740d697efb791f2f201f90989576e13bac81
author: Nick Kralevich <nnk@google.com> 2013-09-13 17:21:28 -0700
committer: Nick Kralevich <nnk@google.com> 2013-09-16 09:05:29 -0700
commit: 694636142113d91c2b9585ad28e143d4ff001584 (patch)
tree: 386eb400e2df5473c5d9484bd6b1b0e0d7ed5fa2 /init
parent: 53dc297dd685aa7498203fddb3f85e60f2cbc7df (diff)
download: system_core-694636142113d91c2b9585ad28e143d4ff001584.zip
system_core-694636142113d91c2b9585ad28e143d4ff001584.tar.gz
system_core-694636142113d91c2b9585ad28e143d4ff001584.tar.bz2
1 files changed, 37 insertions, 4 deletions
diff --git a/init/property_service.c b/init/property_service.c
index 9afc756..9ac2781 100644
--- a/init/property_service.c
+++ b/init/property_service.c
@@ -276,6 +276,34 @@ static void write_persistent_property(const char *name, const char *value)
     }
 }
 
+static bool is_legal_property_name(const char* name, size_t namelen)
+{
+    size_t i;
+    bool previous_was_dot = false;
+    if (namelen >= PROP_NAME_MAX) return false;
+    if (namelen < 1) return false;
+    if (name[0] == '.') return false;
+    if (name[namelen - 1] == '.') return false;
+
+    /* Only allow alphanumeric, plus '.', '-', or '_' */
+    /* Don't allow ".." to appear in a property name */
+    for (i = 0; i < namelen; i++) {
+        if (name[i] == '.') {
+            if (previous_was_dot == true) return false;
+            previous_was_dot = true;
+            continue;
+        }
+        previous_was_dot = false;
+        if (name[i] == '_' || name[i] == '-') continue;
+        if (name[i] >= 'a' && name[i] <= 'z') continue;
+        if (name[i] >= 'A' && name[i] <= 'Z') continue;
+        if (name[i] >= '0' && name[i] <= '9') continue;
+        return false;
+    }
+
+    return true;
+}
+
 int property_set(const char *name, const char *value)
 {
     prop_info *pi;
@@ -284,9 +312,8 @@ int property_set(const char *name, const char *value)
     size_t namelen = strlen(name);
     size_t valuelen = strlen(value);
 
-    if(namelen >= PROP_NAME_MAX) return -1;
-    if(valuelen >= PROP_VALUE_MAX) return -1;
-    if(namelen < 1) return -1;
+    if (!is_legal_property_name(name, namelen)) return -1;
+    if (valuelen >= PROP_VALUE_MAX) return -1;
 
     pi = (prop_info*) __system_property_find(name);
 
@@ -298,7 +325,7 @@ int property_set(const char *name, const char *value)
     } else {
         ret = __system_property_add(name, namelen, value, valuelen);
         if (ret < 0) {
-            ERROR("Failed to set '%s'='%s'", name, value);
+            ERROR("Failed to set '%s'='%s'\n", name, value);
             return ret;
         }
     }
@@ -364,6 +391,12 @@ void handle_property_set_fd()
         msg.name[PROP_NAME_MAX-1] = 0;
         msg.value[PROP_VALUE_MAX-1] = 0;
 
+        if (!is_legal_property_name(msg.name, strlen(msg.name))) {
+            ERROR("sys_prop: illegal property name. Got: \"%s\"\n", msg.name);
+            close(s);
+            return;
+        }
+
         getpeercon(s, &source_ctx);
 
         if(memcmp(msg.name,"ctl.",4) == 0) {
author	Nick Kralevich <nnk@google.com>	2013-09-13 17:21:28 -0700
committer	Nick Kralevich <nnk@google.com>	2013-09-16 09:05:29 -0700
commit	694636142113d91c2b9585ad28e143d4ff001584 (patch)
tree	386eb400e2df5473c5d9484bd6b1b0e0d7ed5fa2 /init
parent	53dc297dd685aa7498203fddb3f85e60f2cbc7df (diff)
download	system_core-694636142113d91c2b9585ad28e143d4ff001584.zip system_core-694636142113d91c2b9585ad28e143d4ff001584.tar.gz system_core-694636142113d91c2b9585ad28e143d4ff001584.tar.bz2