Convert ifstream usage into fopen() to prevent fd leaks into child processes

std::ifstream does not use O_CLOEXEC flag when opening files. This leads
to file descriptors being inherited by child processes. In the case of vold
this results in leaking FDs to less privileged children with no permission
for these files which occasionally leads to SELinux denials.

Bug: 129298168
Change-Id: Id2731782a25d65c9a7cbf25dc441f3e7a17609c1
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
This commit is contained in:
Suren Baghdasaryan 2019-03-26 10:00:05 -07:00
parent b640f4e337
commit 28af26ac47

View file

@ -46,18 +46,27 @@ namespace vold {
static bool checkMaps(const std::string& path, const std::string& prefix) { static bool checkMaps(const std::string& path, const std::string& prefix) {
bool found = false; bool found = false;
std::ifstream infile(path); auto file = std::unique_ptr<FILE, decltype(&fclose)>{fopen(path.c_str(), "re"), fclose};
std::string line; if (!file) {
while (std::getline(infile, line)) { return false;
}
char* buf = nullptr;
size_t len = 0;
while (getline(&buf, &len, file.get()) != -1) {
std::string line(buf);
std::string::size_type pos = line.find('/'); std::string::size_type pos = line.find('/');
if (pos != std::string::npos) { if (pos != std::string::npos) {
line = line.substr(pos); line = line.substr(pos);
if (android::base::StartsWith(line, prefix)) { if (android::base::StartsWith(line, prefix)) {
LOG(WARNING) << "Found map " << path << " referencing " << line; LOG(WARNING) << "Found map " << path << " referencing " << line;
found = true; found = true;
break;
} }
} }
} }
free(buf);
return found; return found;
} }