• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /**
2  * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "runtime_controller.h"
17 
18 #include <algorithm>
19 #include <string>
20 #include <string_view>
21 #include <sys/param.h>
22 #include <unistd.h>
23 
24 #include "libpandabase/utils/logger.h"
25 #include "runtime/include/mem/panda_containers.h"
26 
27 namespace panda {
28 
29 /**
30  * Data directory of applications for default user.
31  */
32 constexpr std::string_view DIR_DATA_DATA = "/data/data/";
33 
34 /**
35  * Data directory of applications for non-default users.
36  */
37 constexpr std::string_view DIR_DATA_USER = "/data/user/";
38 
StartsWith(std::string_view s,std::string_view prefix)39 static bool StartsWith(std::string_view s, std::string_view prefix)
40 {
41     return (s.size() >= prefix.size()) && std::equal(prefix.begin(), prefix.end(), s.begin());
42 }
43 
StartsWithData(std::string_view path)44 static bool StartsWithData(std::string_view path)
45 {
46     if (path.empty() || (path[0] != '/')) {
47         return false;
48     }
49     return StartsWith(path, DIR_DATA_DATA) || StartsWith(path, DIR_DATA_USER);
50 }
51 
IsInPermitList(std::string_view path)52 static bool IsInPermitList(std::string_view path)
53 {
54     size_t pos = path.rfind('/');
55     if (pos == std::string::npos) {
56         LOG(ERROR, RUNTIME) << "Failed to get file name from path: " << path;
57         return false;
58     }
59     std::string_view file_name = path.substr(pos + 1U);
60     return StartsWith(file_name, "HMS-Ohos-");
61 }
62 
CanLoadPandaFileInternal(std::string_view real_path) const63 bool RuntimeController::CanLoadPandaFileInternal(std::string_view real_path) const
64 {
65     return (!StartsWithData(real_path)) || IsInPermitList(real_path);
66 }
67 
CanLoadPandaFile(const std::string & path) const68 bool RuntimeController::CanLoadPandaFile(const std::string &path) const
69 {
70     if (IsZidaneApp() && (!IsMultiFramework())) {
71         // Avoid large frame.
72         PandaVector<char> buffer(PATH_MAX, 0);
73         if (realpath(path.c_str(), buffer.data()) == nullptr) {
74             LOG(ERROR, RUNTIME) << "Failed to get realpath for " << path;
75             return true;  // Allow loading panda file.
76         }
77         std::string_view real_path = buffer.data();
78         bool allow = CanLoadPandaFileInternal(real_path);
79         if (!allow) {
80             LOG(WARNING, RUNTIME) << "Disallow loading panda file in data directory : " << path;
81         }
82         return allow;
83     }
84     return true;
85 }
86 
87 }  // namespace panda
88