
Commit d72432de authored by Tom Cherry's avatar Tom Cherry

Don't check permissions bits on init scripts for host_init_verifier

Also get rid of the copy in parser.  There's no incentive to switch to
a tokenizer that doesn't modify the input, nor is there a reason to
waste cycles making a copy of every init script as it's processed.

Bug: 36970783
Test: boot
Change-Id: I8aca9c9d6f1961e1ab35dee50691a6791fc6ec66
parent 28a3160c
+1 −1
@@ -146,7 +146,7 @@ int main(int argc, char** argv) {
    parser.AddSectionParser("on", std::make_unique<ActionParser>(&am, nullptr));
    parser.AddSectionParser("import", std::make_unique<HostImportParser>());

    if (!parser.ParseConfig(argv[1])) {
    if (!parser.ParseConfigFileInsecure(argv[1])) {
        LOG(ERROR) << "Failed to open init rc script '" << argv[1] << "'";
        return EXIT_FAILURE;
    }
+21 −10
@@ -19,6 +19,7 @@
#include <dirent.h>

#include <android-base/chrono_utils.h>
#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
@@ -39,14 +40,13 @@ void Parser::AddSingleLineParser(const std::string& prefix, LineCallback callbac
    line_callbacks_.emplace_back(prefix, callback);
}

void Parser::ParseData(const std::string& filename, const std::string& data) {
    // TODO: Use a parser with const input and remove this copy
    std::vector<char> data_copy(data.begin(), data.end());
    data_copy.push_back('\0');
void Parser::ParseData(const std::string& filename, std::string* data) {
    data->push_back('\n');  // TODO: fix tokenizer
    data->push_back('\0');

    parse_state state;
    state.line = 0;
    state.ptr = &data_copy[0];
    state.ptr = data->data();
    state.nexttoken = 0;

    SectionParser* section_parser = nullptr;
@@ -69,6 +69,11 @@ void Parser::ParseData(const std::string& filename, const std::string& data) {
        switch (next_token(&state)) {
            case T_EOF:
                end_section();

                for (const auto& [section_name, section_parser] : section_parsers_) {
                    section_parser->EndFile();
                }

                return;
            case T_NEWLINE: {
                state.line++;
@@ -118,6 +123,16 @@ void Parser::ParseData(const std::string& filename, const std::string& data) {
    }
}

bool Parser::ParseConfigFileInsecure(const std::string& path) {
    std::string config_contents;
    if (!android::base::ReadFileToString(path, &config_contents)) {
        return false;
    }

    ParseData(path, &config_contents);
    return true;
}

bool Parser::ParseConfigFile(const std::string& path) {
    LOG(INFO) << "Parsing file " << path << "...";
    android::base::Timer t;
@@ -127,11 +142,7 @@ bool Parser::ParseConfigFile(const std::string& path) {
        return false;
    }

    config_contents->push_back('\n');  // TODO: fix parse_config.
    ParseData(path, *config_contents);
    for (const auto& [section_name, section_parser] : section_parsers_) {
        section_parser->EndFile();
    }
    ParseData(path, &config_contents.value());

    LOG(VERBOSE) << "(Parsing " << path << " took " << t << ".)";
    return true;
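Review bot: `ParseConfigFileInsecure` (added in the `@@ -118,6 +123,16 @@` hunk) is a public `Parser` member that loads the script with plain `android::base::ReadFileToString`, and nothing at its definition says that it bypasses whatever ownership/permission check `ParseConfigFile` performs (that reader is outside the hunk, so this is inferred from the commit title). If this class is also built into on-device init, a later caller could pick the insecure variant and parse a script that other users are able to write. I would add a comment above the definition, `// Host tools only: reads |path| without the permission-bit check done by ParseConfigFile(); do not call from on-device init.`, and reword the comment on its declaration in the header, which currently reads `Host init verifier check file permissions.` and so states the opposite of what the function does.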
+4 −1
@@ -75,10 +75,13 @@ class Parser {
    void AddSectionParser(const std::string& name, std::unique_ptr<SectionParser> parser);
    void AddSingleLineParser(const std::string& prefix, LineCallback callback);

    // Host init verifier check file permissions.
    bool ParseConfigFileInsecure(const std::string& path);

    size_t parse_error_count() const { return parse_error_count_; }

  private:
    void ParseData(const std::string& filename, const std::string& data);
    void ParseData(const std::string& filename, std::string* data);
    bool ParseConfigFile(const std::string& path);
    bool ParseConfigDir(const std::string& path);