raster pushed a commit to branch master. http://git.enlightenment.org/core/efl.git/commit/?id=5c431b14de9cfbb54ea93b876afc31a1e3305913
commit 5c431b14de9cfbb54ea93b876afc31a1e3305913 Author: Carsten Haitzler (Rasterman) <[email protected]> Date: Thu Feb 9 17:03:49 2017 +0900 evas fb dev env var - allow in setuid processes with sanitizing this allows only /dev/fb[0-0] or /dev/fb/something where somthing does not begin with a . - thus no way to break out of the fb subdir... so it should be ok... this keeps setuid safety and allows this env var to work now as intended in this situation. --- src/lib/ecore_fb/ecore_fb.c | 14 +++++++------- src/modules/evas/engines/fb/evas_fb_main.c | 13 ++++++------- 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/src/lib/ecore_fb/ecore_fb.c b/src/lib/ecore_fb/ecore_fb.c index d11225e..0d90242 100644 --- a/src/lib/ecore_fb/ecore_fb.c +++ b/src/lib/ecore_fb/ecore_fb.c @@ -120,16 +120,16 @@ _ecore_fb_size_get(const char *name, int *w, int *h) { struct fb_var_screeninfo fb_var; int fb; + const char *s; - if ( -#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) - (getuid() == geteuid()) && -#endif - (getenv("EVAS_FB_DEV"))) + if ((s = getenv("EVAS_FB_DEV")) && + (((!strncmp(s, "/dev/fb", 7)) && + ((s[7] >= '0' && s[7] <= '9') || (s[7] == 0))) || + ((!strncmp(s, "/dev/fb/", 8)) && (s[8] != '.')))) { - fb = open(getenv("EVAS_FB_DEV"), O_RDWR); + fb = open(s, O_RDWR); if (fb < 0) - fprintf(stderr, "[ecore_fb] error opening $EVAS_FB_DEV=%s: %s\n", getenv("EVAS_FB_DEV"), strerror(errno)); + fprintf(stderr, "[ecore_fb] error opening $EVAS_FB_DEV=%s: %s\n", s, strerror(errno)); } else { diff --git a/src/modules/evas/engines/fb/evas_fb_main.c b/src/modules/evas/engines/fb/evas_fb_main.c index aab4147..5690c83 100644 --- a/src/modules/evas/engines/fb/evas_fb_main.c +++ b/src/modules/evas/engines/fb/evas_fb_main.c @@ -766,7 +766,7 @@ void fb_init(int vt EINA_UNUSED, int device) { char dev[PATH_MAX]; - + const char *s; DBG("device=%d, $EVAS_FB_DEV=%s", device, getenv("EVAS_FB_DEV")); tty = -1; 
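Review bot: The new condition in `_ecore_fb_size_get` inspects only `s[7]` and `s[8]`, so the rest of `$EVAS_FB_DEV` reaches `open(s, O_RDWR)` unvalidated. A value with extra characters after the digit, or with a `..` component later in the `/dev/fb/` form, still passes, which matters now that the `getuid() == geteuid()` guard is removed. The same expression is duplicated in the second `fb_init` hunk of `evas_fb_main.c`, so both sites should call one helper that validates the whole string, as sketched below (the helper name is a placeholder). Because the file is opened with the process's effective privileges, an `fstat()` check after `open()` that the descriptor is a character device (`S_ISCHR`) would be a cheap second barrier. The function body continues past the end of this hunk.

```c
/* Accept only "/dev/fb" followed by digits through the terminator, or
 * "/dev/fb/NAME" where NAME is a single non-empty path component that
 * does not start with '.'. Anything else is rejected. */
static int
_fb_dev_path_ok(const char *s)
{
   const char *p;

   if (strncmp(s, "/dev/fb", 7) != 0) return 0;
   p = s + 7;
   if (*p == '/')
     {
        p++;
        /* one component only: no further '/', so no ".." can follow */
        return (*p != 0) && (*p != '.') && (strchr(p, '/') == NULL);
     }
   /* digits only, all the way to the end of the string */
   while ((*p >= '0') && (*p <= '9')) p++;
   return *p == 0;
}

/* … unchanged: declarations in _ecore_fb_size_get … */
   if ((s = getenv("EVAS_FB_DEV")) && _fb_dev_path_ok(s))
/* … unchanged: open(s, O_RDWR) and the error report … */
```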
@@ -774,13 +774,12 @@ fb_init(int vt EINA_UNUSED, int device) if (vt != 0) fb_setvt(vt); #endif - if ( -#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) - (getuid() == geteuid()) && -#endif - (getenv("EVAS_FB_DEV"))) + if ((s = getenv("EVAS_FB_DEV")) && + (((!strncmp(s, "/dev/fb", 7)) && + ((s[7] >= '0' && s[7] <= '9') || (s[7] == 0))) || + ((!strncmp(s, "/dev/fb/", 8)) && (s[8] != '.')))) { - eina_strlcpy(dev, getenv("EVAS_FB_DEV"), sizeof(dev)); + eina_strlcpy(dev, s, sizeof(dev)); fb = open(dev, O_RDWR); } else --
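Review bot: The return value of `eina_strlcpy(dev, s, sizeof(dev))` is ignored, so a value longer than `PATH_MAX - 1` is silently truncated and `open(dev, O_RDWR)` runs on a different path than the one the check accepted. Treat truncation as a failure, for example `if (eina_strlcpy(dev, s, sizeof(dev)) >= sizeof(dev)) fb = -1;` with `else fb = open(dev, O_RDWR);`. This hunk sits in the middle of `fb_init`, so how `fb < 0` is handled afterwards, and whether `dev` is read again later, is not visible here.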
