diff --git a/modules/sandbox/appspawn_sandbox.c b/modules/sandbox/appspawn_sandbox.c index 6195193d..5eae2913 100644 --- a/modules/sandbox/appspawn_sandbox.c +++ b/modules/sandbox/appspawn_sandbox.c @@ -525,7 +525,7 @@ static int DoSandboxNodeMount(const SandboxContext *context, const SandboxSectio return 0; } -static bool IsUnlockStatus(uint32_t uid) +static bool IsUnlockStatus(uint32_t uid, const char *bundleName, size_t bundleNameLen) { const int userIdBase = UID_BASE; uid = uid / userIdBase; @@ -534,11 +534,11 @@ static bool IsUnlockStatus(uint32_t uid) } const char rootPath[] = "/data/app/el2/"; - const char basePath[] = "/base"; - size_t allPathSize = strlen(rootPath) + strlen(basePath) + 1 + USER_ID_SIZE; + const char basePath[] = "/base/"; + size_t allPathSize = strlen(rootPath) + strlen(basePath) + 1 + USER_ID_SIZE + bundleNameLen; char *path = (char *)malloc(sizeof(char) * allPathSize); APPSPAWN_CHECK(path != NULL, return true, "Failed to malloc path"); - int len = sprintf_s(path, allPathSize, "%s%u%s", rootPath, uid, basePath); + int len = sprintf_s(path, allPathSize, "%s%u%s%s", rootPath, uid, basePath, bundleName); APPSPAWN_CHECK(len > 0 && ((size_t)len < allPathSize), free(path); return true, "Failed to get base path"); if (access(path, F_OK) == 0) { @@ -599,7 +599,9 @@ static void MountDirToShared(const SandboxContext *context, AppSpawnSandboxCfg * { const char rootPath[] = "/mnt/sandbox/"; AppSpawnMsgDacInfo *info = (AppSpawnMsgDacInfo *)GetSpawningMsgInfo(context, TLV_DAC_INFO); - if (info == NULL || IsUnlockStatus(info->uid)) { + size_t bundleNameLen = strlen(context->bundleName); + if (info == NULL || context->bundleName == NULL || + IsUnlockStatus(info->uid, context->bundleName, bundleNameLen)) { return; } diff --git a/modules/sandbox/sandbox_utils.cpp b/modules/sandbox/sandbox_utils.cpp index d8f1c35e..458dc068 100644 --- a/modules/sandbox/sandbox_utils.cpp +++ b/modules/sandbox/sandbox_utils.cpp @@ -1776,7 +1776,7 @@ int32_t SetAppSandboxProperty(AppSpawnMgr *content, AppSpawningCtx *property) #define DIR_MODE 0711 #ifndef APPSPAWN_SANDBOX_NEW -static bool IsUnlockStatus(uint32_t uid) +static bool IsUnlockStatus(uint32_t uid, const char *bundleName, size_t bundleNameLen) { const int userIdBase = 200000; uid = uid / userIdBase; @@ -1785,11 +1785,11 @@ static bool IsUnlockStatus(uint32_t uid) } const char rootPath[] = "/data/app/el2/"; - const char basePath[] = "/base"; - size_t allPathSize = strlen(rootPath) + strlen(basePath) + 1 + USER_ID_SIZE; + const char basePath[] = "/base/"; + size_t allPathSize = strlen(rootPath) + strlen(basePath) + 1 + USER_ID_SIZE + bundleNameLen; char *path = reinterpret_cast(malloc(sizeof(char) * allPathSize)); APPSPAWN_CHECK(path != NULL, return true, "Failed to malloc path"); - int len = sprintf_s(path, allPathSize, "%s%u%s", rootPath, uid, basePath); + int len = sprintf_s(path, allPathSize, "%s%u%s%s", rootPath, uid, basePath, bundleName); APPSPAWN_CHECK(len > 0 && ((size_t)len < allPathSize), return true, "Failed to get base path"); if (access(path, F_OK) == 0) { @@ -1867,8 +1867,8 @@ static void MountDirToShared(const AppSpawningCtx *property) string sourcePath = "/data/app/el1/bundle/public/" + string(bundleName); MountDir(property, rootPath, sourcePath.c_str(), el1Path); - - if (IsUnlockStatus(info->uid)) { + size_t bundleNameLen = strlen(bundleName); + if (IsUnlockStatus(info->uid, bundleName, bundleNameLen)) { return; }