Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0506b18a authored by Tom Cherry's avatar Tom Cherry
Browse files

Check setegid() return values 

The clang static analyzer is complaining that we are not checking the
setegid() return value, so let's add these checks.  We should never
fail to return to AID_ROOT, so fail hard in this case.

Bug: 26962034
Test: Boot bullhead
Test: export WITH_STATIC_ANALYZER=1 and run 'mm' in the project directory
Change-Id: I62e95b045c5734305c71502871b6cf17f152edbc
parent 4bd3facb

init/devices.cpp

+7 −2
Original line number Diff line number Diff line
@@ -251,7 +251,10 @@ static void make_device(const char *path, 
     * some device nodes, so the uid has to be set with chown() and is still

     * racy. Fixing the gid race at least fixed the issue with system_server

     * opening dynamic input devices under the AID_INPUT gid. */

    setegid(gid);

    if (setegid(gid)) {

        PLOG(ERROR) << "setegid(" << gid << ") for " << path << " device failed";

        goto out;

    }

    /* If the node already exists update its SELinux label to handle cases when

     * it was created with the wrong context during coldboot procedure. */

    if (mknod(path, mode, dev) && (errno == EEXIST) && secontext) {
@@ -273,7 +276,9 @@ static void make_device(const char *path, 


out:

    chown(path, uid, -1);

    setegid(AID_ROOT);

    if (setegid(AID_ROOT)) {

        PLOG(FATAL) << "setegid(AID_ROOT) failed";

    }



    if (secontext) {

        freecon(secontext);