diff options
author | Thierry Strudel <tstrudel@google.com> | 2017-09-15 10:46:48 -0700 |
---|---|---|
committer | Thierry Strudel <tstrudel@google.com> | 2017-09-15 13:39:53 -0700 |
commit | f7f77065b32563a6ed376a337638a7375d332fc4 (patch) | |
tree | 4354d8de5d038d123e59cbb71fdcdf7f6220cd08 | |
parent | 86a1a35809fc77ef327e812649d567ad619c7813 (diff) | |
download | ipacfg-mgr-f7f77065b32563a6ed376a337638a7375d332fc4.tar.gz |
msm8998: Update to C1.07.00.00.375.020
msm8998: from vendor/qcom/opensource/data-ipa-cfg-mgr
cd3f815 Promotion of data.lnx.6.4.9-00093.
60bc54b IPACM: fix security issue in querying if index
9712b61 Promotion of data.lnx.6.4.9-00072.
de85c67 SetDataLimit: Init Check
Test: build, boot, sanity checks
Bug: 65735819
Change-Id: Ie0c42323bc1d83c9bce185a067120546dfc2d9d1
Signed-off-by: Thierry Strudel <tstrudel@google.com>
-rw-r--r-- | msm8998/hal/src/HAL.cpp | 14 | ||||
-rw-r--r-- | msm8998/ipacm/src/IPACM_Iface.cpp | 55 |
2 files changed, 41 insertions, 28 deletions
diff --git a/msm8998/hal/src/HAL.cpp b/msm8998/hal/src/HAL.cpp index d722e78..59f978d 100644 --- a/msm8998/hal/src/HAL.cpp +++ b/msm8998/hal/src/HAL.cpp @@ -463,11 +463,17 @@ Return<void> HAL::setDataLimit fl.addArg("upstream", upstream); fl.addArg("limit", limit); - RET ipaReturn = mIPA->setQuota(upstream.c_str(), limit); - BoolResult res = ipaResultToBoolResult(ipaReturn); - hidl_cb(res.success, res.errMsg); + if (!isInitialized()) { + BoolResult res = makeInputCheckFailure("Not initialized (setDataLimit)"); + hidl_cb(res.success, res.errMsg); + fl.setResult(res.success, res.errMsg); + } else { + RET ipaReturn = mIPA->setQuota(upstream.c_str(), limit); + BoolResult res = ipaResultToBoolResult(ipaReturn); + hidl_cb(res.success, res.errMsg); + fl.setResult(res.success, res.errMsg); + } - fl.setResult(res.success, res.errMsg); mLogs.addLog(fl); return Void(); } /* setDataLimit */ diff --git a/msm8998/ipacm/src/IPACM_Iface.cpp b/msm8998/ipacm/src/IPACM_Iface.cpp index 4e0dc9e..149e417 100644 --- a/msm8998/ipacm/src/IPACM_Iface.cpp +++ b/msm8998/ipacm/src/IPACM_Iface.cpp @@ -930,30 +930,37 @@ int IPACM_Iface::ipa_get_if_index int * if_index ) { - int fd; - struct ifreq ifr; - - if((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) - { - IPACMERR("get interface index socket create failed \n"); - return IPACM_FAILURE; - } - - memset(&ifr, 0, sizeof(struct ifreq)); - (void)strncpy(ifr.ifr_name, if_name, sizeof(ifr.ifr_name)); - IPACMDBG_H("interface name (%s)\n", if_name); - - if (ioctl(fd,SIOCGIFINDEX , &ifr) < 0) - { - IPACMERR("call_ioctl_on_dev: ioctl failed, interface name (%s):\n", ifr.ifr_name); - close(fd); - return IPACM_FAILURE; - } - - *if_index = ifr.ifr_ifindex; - IPACMDBG_H("Interface index %d\n", *if_index); - close(fd); - return IPACM_SUCCESS; + int fd; + struct ifreq ifr; + + if((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) + { + IPACMERR("get interface index socket create failed \n"); + return IPACM_FAILURE; + } + + if(strlen(if_name) >= sizeof(ifr.ifr_name)) + { + IPACMERR("interface name overflows: len %zu\n", strlen(if_name)); + close(fd); + return IPACM_FAILURE; + } + + memset(&ifr, 0, sizeof(struct ifreq)); + (void)strlcpy(ifr.ifr_name, if_name, sizeof(ifr.ifr_name)); + IPACMDBG_H("interface name (%s)\n", if_name); + + if(ioctl(fd,SIOCGIFINDEX , &ifr) < 0) + { + IPACMERR("call_ioctl_on_dev: ioctl failed, interface name (%s):\n", ifr.ifr_name); + close(fd); + return IPACM_FAILURE; + } + + *if_index = ifr.ifr_ifindex; + IPACMDBG_H("Interface index %d\n", *if_index); + close(fd); + return IPACM_SUCCESS; } void IPACM_Iface::config_ip_type(ipa_ip_type iptype) |