Mirrors/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2025-06-13 13:47:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Harden socket verification

Browse Source 
- Do not allow connections to magiskd from binaries other than the one started the server
- Do not allow connections to magisklogd without root access
This commit is contained in:
topjohnwu
2019-02-09 15:02:46 -05:00
parent 9826640ae6
commit b3242322fd
4 changed files with 34 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
native/jni/core/socket.cpp
View File

@ -11,7 +11,7 @@
#include "utils.h"
#include "magisk.h"
#define ABS_SOCKET_LEN(sun) (sizeof(sun->sun_family) + strlen(sun->sun_path + 1) + 1)
#define ABS_SOCKET_LEN(sun) (sizeof(sa_family_t) + strlen(sun->sun_path + 1) + 1)
socklen_t setup_sockaddr(struct sockaddr_un *sun, const char *name) {
memset(sun, 0, sizeof(*sun));
@ -38,6 +38,11 @@ int socket_accept(int sockfd, int timeout) {
return xpoll(&pfd, 1, timeout * 1000) <= 0 ? -1 : xaccept4(sockfd, NULL, NULL, SOCK_CLOEXEC);
}
void get_client_cred(int fd, struct ucred *cred) {
socklen_t ucred_length = sizeof(*cred);
getsockopt(fd, SOL_SOCKET, SO_PEERCRED, cred, &ucred_length);
}
/*
* Receive a file descriptor from a Unix socket.
* Contributed by @mkasick