ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Check setegid() return values

Browse source 
The clang static analyzer is complaining that we are not checking the
setegid() return value, so let's add these checks.  We should never
fail to return to AID_ROOT, so fail hard in this case.

Bug: 26962034
Test: Boot bullhead
Test: export WITH_STATIC_ANALYZER=1 and run 'mm' in the project directory
Change-Id: I62e95b045c5734305c71502871b6cf17f152edbc
This commit is contained in:
Tom Cherry 2017-02-23 13:46:09 -08:00
parent 4bd3facbb1
commit 0506b18a36
1 changed files with 7 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
init/devices.cpp
View file

@ -251,7 +251,10 @@ static void make_device(const char *path,
* some device nodes, so the uid has to be set with chown() and is still
* racy. Fixing the gid race at least fixed the issue with system_server
* opening dynamic input devices under the AID_INPUT gid. */
setegid(gid);
if (setegid(gid)) {
PLOG(ERROR) << "setegid(" << gid << ") for " << path << " device failed";
goto out;
}
/* If the node already exists update its SELinux label to handle cases when
* it was created with the wrong context during coldboot procedure. */
if (mknod(path, mode, dev) && (errno == EEXIST) && secontext) {
@ -273,7 +276,9 @@ static void make_device(const char *path,
out:
chown(path, uid, -1);
setegid(AID_ROOT);
if (setegid(AID_ROOT)) {
PLOG(FATAL) << "setegid(AID_ROOT) failed";
}
if (secontext) {
freecon(secontext);