libcutils: add android_get_control_socket() test
android_get_control_socket() checks if the resulting file descriptor
is valid, open and matches the socket bound name reference, which on
purpose will fail if a symbolic link is in the path rather than using
a fully qualified path. If there are any non-alpha and non-numeric
characters in the name, they are replaced with _. Add unit test.
Test: gTest libcutils_test --gtest_filter=SocketTest.android_get_control_socket
Bug: 32450474
Change-Id: I27a6419012033ef8bd6ca04f3e479d01264d8c49
diff --git a/libcutils/sockets.cpp b/libcutils/sockets.cpp
index bba63ac..63761a2 100644
--- a/libcutils/sockets.cpp
+++ b/libcutils/sockets.cpp
@@ -28,11 +28,31 @@
// This file contains socket implementation that can be shared between
// platforms as long as the correct headers are included.
+#define _GNU_SOURCE 1 // For asprintf
+
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#if !defined(_WIN32)
+#include <netinet/in.h>
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#if !defined(_WIN32)
+#include <sys/un.h>
+#endif
+#include <unistd.h>
+
+#include <string>
#include <cutils/sockets.h>
-#if !defined(_WIN32)
-#include <netinet/in.h>
+#ifndef TEMP_FAILURE_RETRY // _WIN32 does not define
+#define TEMP_FAILURE_RETRY(exp) (exp)
#endif
int socket_get_local_port(cutils_socket_t sock) {
@@ -47,22 +67,56 @@
}
int android_get_control_socket(const char* name) {
- char key[64];
- snprintf(key, sizeof(key), ANDROID_SOCKET_ENV_PREFIX "%s", name);
+ char *key = NULL;
+ if (asprintf(&key, ANDROID_SOCKET_ENV_PREFIX "%s", name) < 0) return -1;
+ if (!key) return -1;
+
+ char *cp = key;
+ while (*cp) {
+ if (!isalnum(*cp)) *cp = '_';
+ ++cp;
+ }
const char* val = getenv(key);
- if (!val) {
- return -1;
- }
+ free(key);
+ if (!val) return -1;
errno = 0;
- long ret = strtol(val, NULL, 10);
- if (errno) {
- return -1;
- }
- if (ret < 0 || ret > INT_MAX) {
- return -1;
- }
+ long fd = strtol(val, NULL, 10);
+ if (errno) return -1;
- return static_cast<int>(ret);
+ // validity checking
+ if ((fd < 0) || (fd > INT_MAX)) return -1;
+#if defined(_SC_OPEN_MAX)
+ if (fd >= sysconf(_SC_OPEN_MAX)) return -1;
+#elif defined(OPEN_MAX)
+ if (fd >= OPEN_MAX) return -1;
+#elif defined(_POSIX_OPEN_MAX)
+ if (fd >= _POSIX_OPEN_MAX) return -1;
+#endif
+
+#if defined(F_GETFD)
+ if (TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD)) < 0) return -1;
+#elif defined(F_GETFL)
+ if (TEMP_FAILURE_RETRY(fcntl(fd, F_GETFL)) < 0) return -1;
+#else
+ struct stat s;
+ if (TEMP_FAILURE_RETRY(fstat(fd, &s)) < 0) return -1;
+#endif
+
+#if !defined(_WIN32)
+ struct sockaddr_un addr;
+ socklen_t addrlen = sizeof(addr);
+ int ret = TEMP_FAILURE_RETRY(getsockname(fd, (struct sockaddr *)&addr, &addrlen));
+ if (ret < 0) return -1;
+ char *path = NULL;
+ if (asprintf(&path, ANDROID_SOCKET_DIR"/%s", name) < 0) return -1;
+ if (!path) return -1;
+ int cmp = strcmp(addr.sun_path, path);
+ free(path);
+ if (cmp != 0) return -1;
+#endif
+
+ // It is what we think it is
+ return static_cast<int>(fd);
}
diff --git a/libcutils/tests/sockets_test.cpp b/libcutils/tests/sockets_test.cpp
index 0f682a2..82961a4 100644
--- a/libcutils/tests/sockets_test.cpp
+++ b/libcutils/tests/sockets_test.cpp
@@ -18,10 +18,14 @@
// IPv6 capabilities. These tests assume that no UDP packets are lost, which
// should be the case for loopback communication, but is not guaranteed.
-#include <cutils/sockets.h>
-
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <sys/un.h>
#include <time.h>
+#include <cutils/sockets.h>
#include <gtest/gtest.h>
// Makes sure the passed sockets are valid, sends data between them, and closes
@@ -185,3 +189,36 @@
TEST(SocketsTest, TestSocketSendBuffersFailure) {
EXPECT_EQ(-1, socket_send_buffers(INVALID_SOCKET, nullptr, 0));
}
+
+TEST(SocketsTest, android_get_control_socket) {
+ static const char key[] = ANDROID_SOCKET_ENV_PREFIX "SocketsTest.android_get_control_socket";
+ static const char* name = key + strlen(ANDROID_SOCKET_ENV_PREFIX);
+
+ EXPECT_EQ(unsetenv(key), 0);
+ EXPECT_EQ(android_get_control_socket(name), -1);
+
+ int fd;
+ ASSERT_GE(fd = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0), 0);
+ EXPECT_EQ(android_get_control_socket(name), -1);
+
+ struct sockaddr_un addr;
+ memset(&addr, 0, sizeof(addr));
+ addr.sun_family = AF_UNIX;
+ snprintf(addr.sun_path, sizeof(addr.sun_path), ANDROID_SOCKET_DIR"/%s", name);
+ unlink(addr.sun_path);
+
+ EXPECT_EQ(bind(fd, (struct sockaddr*)&addr, sizeof(addr)), 0);
+ EXPECT_EQ(android_get_control_socket(name), -1);
+
+ char val[32];
+ snprintf(val, sizeof(val), "%d", fd);
+ EXPECT_EQ(setenv(key, val, true), 0);
+
+ EXPECT_EQ(android_get_control_socket(name), fd);
+ socket_close(fd);
+ EXPECT_EQ(android_get_control_socket(name), -1);
+ EXPECT_EQ(unlink(addr.sun_path), 0);
+ EXPECT_EQ(android_get_control_socket(name), -1);
+ EXPECT_EQ(unsetenv(key), 0);
+ EXPECT_EQ(android_get_control_socket(name), -1);
+}