!130 merge master_bugfix into master

缓冲区越界读风险修复

Created-by: weixin_55426550
Commit-by: Administrator
Merged-by: openharmony_ci
Description: ### 一、内容说明(相关的Issue)

https://gitcode.com/openharmony/ability_dmsfwk_lite/issues/36

### 二、建议测试周期和提测地址  
  建议测试完成时间:xxxx.xx.xx  
  投产上线时间:xxxx.xx.xx  
  提测地址:CI环境/压测环境  
  测试账号:  

### 三、变更内容
  * 3.1 关联PR列表

  * 3.2 数据库和部署说明  
    1. 常规更新 
    2. 重启unicorn
    3. 重启sidekiq
    4. 迁移任务:是否有迁移任务,没有写 "无"
    5. rake脚本:`bundle exec xxx RAILS_ENV = production`;没有写 "无"

  * 3.4 其他技术优化内容(做了什么,变更了什么)
    - 重构了 xxxx 代码
    - xxxx 算法优化


  * 3.5 废弃通知(什么字段、方法弃用?)



  * 3.6  后向不兼容变更(是否有无法向后兼容的变更?)


  
### 四、研发自测点(自测哪些?冒烟用例全部自测?)
  自测测试结论:


### 五、测试关注点(需要提醒QA重点关注的、可能会忽略的地方)
  检查点:

| 需求名称 | 是否影响xx公共模块 | 是否需要xx功能 | 需求升级是否依赖其他子产品 |
|------|------------|----------|---------------|
| xxx  | 否          | 需要       | 不需要           |
|      |            |          |               |

  接口测试:

  性能测试:

  并发测试:

  其他:



See merge request: openharmony/ability_dmsfwk_lite!130
openharmony_ci
2026-05-26 21:00:35 +08:00
+65 -33
@@ -60,6 +60,59 @@ static bool GetBmsInterface(struct BmsServerProxy **bmsInterface)
}
#endif
static int32_t GetCalleeBundleInfo(const char *calleeBundleName, BundleInfo *bundleInfo)
{
int32_t errCode;
#ifndef WEARABLE_PRODUCT
uid_t callerUid = getuid();
if (callerUid == FOUNDATION_UID) {
struct BmsServerProxy *bmsInterface = NULL;
if (!GetBmsInterface(&bmsInterface)) {
HILOGE("[GetBmsInterface query null]");
return DMS_EC_GET_BMS_FAILURE;
}
if (calleeBundleName == NULL) {
return DMS_EC_FAILURE;
}
errCode = bmsInterface->GetBundleInfo(calleeBundleName,
GET_BUNDLE_WITHOUT_ABILITIES, bundleInfo);
} else if (callerUid == SHELL_UID) {
errCode = GetBundleInfo(calleeBundleName, GET_BUNDLE_WITHOUT_ABILITIES, bundleInfo);
} else {
errCode = EC_FAILURE;
}
#else
errCode = GetBundleInfo(calleeBundleName, GET_BUNDLE_WITHOUT_ABILITIES, bundleInfo);
#endif
if (errCode != EC_SUCCESS) {
HILOGE("[GetBundleInfo errCode = %d]", errCode);
return DMS_EC_GET_BUNDLEINFO_FAILURE;
}
return DMS_EC_SUCCESS;
}
static int32_t ExtractCalleeSignature(const BundleInfo *bundleInfo, const char *calleeBundleName,
const char **calleeSignature)
{
if (bundleInfo == NULL || bundleInfo->appId == NULL || calleeBundleName == NULL) {
HILOGE("[Invalid parameter]");
return DMS_EC_FAILURE;
}
size_t bundleNameLen = strlen(calleeBundleName);
size_t appIdLen = strlen(bundleInfo->appId);
if (bundleNameLen + DELIMITER_LENGTH >= appIdLen) {
HILOGE("[Invalid appId format]");
return DMS_EC_FAILURE;
}
if (strncmp(bundleInfo->appId, calleeBundleName, bundleNameLen) != 0 ||
bundleInfo->appId[bundleNameLen] != '_') {
HILOGE("[AppId does not start with calleeBundleName_]");
return DMS_EC_FAILURE;
}
*calleeSignature = bundleInfo->appId + bundleNameLen + DELIMITER_LENGTH;
return DMS_EC_SUCCESS;
}
int32_t CheckRemotePermission(const PermissionCheckInfo *permissionCheckInfo)
{
if (permissionCheckInfo == NULL) {
@@ -70,48 +123,27 @@ int32_t CheckRemotePermission(const PermissionCheckInfo *permissionCheckInfo)
HILOGE("[bundleInfo memset failed]");
return DMS_EC_FAILURE;
}
int32_t errCode;
#ifndef WEARABLE_PRODUCT
uid_t callerUid = getuid();
if (callerUid == FOUNDATION_UID) {
/* inner-process mode */
struct BmsServerProxy *bmsInterface = NULL;
if (!GetBmsInterface(&bmsInterface)) {
HILOGE("[GetBmsInterface query null]");
return DMS_EC_GET_BMS_FAILURE;
}
if (permissionCheckInfo->calleeBundleName == NULL) {
return DMS_EC_FAILURE;
}
errCode = bmsInterface->GetBundleInfo(permissionCheckInfo->calleeBundleName,
GET_BUNDLE_WITHOUT_ABILITIES, &bundleInfo);
} else if (callerUid == SHELL_UID) {
/* inter-process mode (mainly called in xts testsuit process started by shell) */
errCode = GetBundleInfo(permissionCheckInfo->calleeBundleName,
GET_BUNDLE_WITHOUT_ABILITIES, &bundleInfo);
} else {
errCode = EC_FAILURE;
int32_t ret = GetCalleeBundleInfo(permissionCheckInfo->calleeBundleName, &bundleInfo);
if (ret != DMS_EC_SUCCESS) {
return ret;
}
#else
errCode = GetBundleInfo(permissionCheckInfo->calleeBundleName,
GET_BUNDLE_WITHOUT_ABILITIES, &bundleInfo);
#endif
if (errCode != EC_SUCCESS) {
HILOGE("[GetBundleInfo errCode = %d]", errCode);
return DMS_EC_GET_BUNDLEINFO_FAILURE;
const char *calleeSignature = NULL;
ret = ExtractCalleeSignature(&bundleInfo, permissionCheckInfo->calleeBundleName, &calleeSignature);
if (ret != DMS_EC_SUCCESS) {
ClearBundleInfo(&bundleInfo);
return ret;
}
/* appId: bundleName + "_" + signature */
const char *calleeSignature = bundleInfo.appId + strlen(permissionCheckInfo->calleeBundleName)
+ DELIMITER_LENGTH;
ClearBundleInfo(&bundleInfo);
if ((permissionCheckInfo->callerSignature == NULL) || (calleeSignature == NULL)) {
if (permissionCheckInfo->callerSignature == NULL || calleeSignature == NULL) {
HILOGE("[Signature is null]");
ClearBundleInfo(&bundleInfo);
return DMS_EC_FAILURE;
}
if (strcmp(permissionCheckInfo->callerSignature, calleeSignature) != 0) {
HILOGE("[Signature unmatched]");
ClearBundleInfo(&bundleInfo);
return DMS_EC_CHECK_PERMISSION_FAILURE;
}
ClearBundleInfo(&bundleInfo);
return DMS_EC_SUCCESS;
}
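Review bot: In the new `GetCalleeBundleInfo`, the `calleeBundleName == NULL` check sits only inside the `FOUNDATION_UID` branch, so the `SHELL_UID` branch and the `WEARABLE_PRODUCT` build still pass an unchecked pointer to `GetBundleInfo`; `ExtractCalleeSignature` rejects NULL only after that lookup has already run. Whether `GetBundleInfo` tolerates NULL is not visible here, so I would hoist the guard to the top of the helper, before `getuid()` and `GetBmsInterface`: `if (calleeBundleName == NULL || bundleInfo == NULL) { return DMS_EC_FAILURE; }`. `ExtractCalleeSignature` also tests the separator with a literal `'_'` at a single index while the returned offset uses `DELIMITER_LENGTH`; the two agree only if that macro is 1, which a short comment or a compile-time assertion would make explicit. The helper should also carry a comment restoring the dropped `appId: bundleName + "_" + signature` format note and stating that `*calleeSignature` points into `bundleInfo->appId`, so it is only usable until `ClearBundleInfo(&bundleInfo)` is called in `CheckRemotePermission`.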