Use arraysize() for supplementary groups. (bae15b4f) · Commits · e / os / android_system_core

adb/daemon/main.cpp

+4 −5

Original line number	Diff line number	Diff line
		@@ -28,8 +28,10 @@
		#include <memory>

		#include <android-base/logging.h>
		#include <android-base/macros.h>
		#include <android-base/stringprintf.h>
		#include <libminijail.h>
		#include <scoped_minijail.h>

		#include "cutils/properties.h"
		#include "debuggerd/client.h"
		@@ -99,8 +101,7 @@ static bool should_drop_privileges() {
		}

		static void drop_privileges(int server_port) {
		std::unique_ptr<minijail, void ()(minijail)> jail(minijail_new(),
		&minijail_destroy);
		ScopedMinijail jail(minijail_new());

		// Add extra groups:
		// AID_ADB to access the USB driver
		@@ -116,9 +117,7 @@ static void drop_privileges(int server_port) {
		AID_INET, AID_NET_BT, AID_NET_BT_ADMIN,
		AID_SDCARD_R, AID_SDCARD_RW, AID_NET_BW_STATS,
		AID_READPROC};
		minijail_set_supplementary_gids(jail.get(),
		sizeof(groups) / sizeof(groups[0]),
		groups);
		minijail_set_supplementary_gids(jail.get(), arraysize(groups), groups);

		// Don't listen on a port (default 5037) if running in secure mode.
		// Don't run as root if running in secure mode.

+2 −1

Original line number	Diff line number	Diff line
		@@ -29,6 +29,7 @@
		#include <unistd.h>

		#include <android-base/logging.h>
		#include <android-base/macros.h>

		#include <cutils/fs.h>
		#include <cutils/hashmap.h>
		@@ -209,7 +210,7 @@ static int fuse_setup(struct fuse* fuse, gid_t gid, mode_t mask) {

		static void drop_privs(uid_t uid, gid_t gid) {
		ScopedMinijail j(minijail_new());
		minijail_set_supplementary_gids(j.get(), sizeof(kGroups) / sizeof(kGroups[0]), kGroups);
		minijail_set_supplementary_gids(j.get(), arraysize(kGroups), kGroups);
		minijail_change_gid(j.get(), gid);
		minijail_change_uid(j.get(), uid);
		/* minijail_enter() will abort if priv-dropping fails. */