• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /**
2  * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "runtime_controller.h"
17 
18 #include <algorithm>
19 #include <string>
20 #include <string_view>
21 #include <sys/param.h>
22 #include <unistd.h>
23 
24 #include "libpandabase/utils/logger.h"
25 #include "runtime/include/mem/panda_containers.h"
26 
27 namespace panda {
28 
29 /// Data directory of applications for default user.
30 constexpr std::string_view DIR_DATA_DATA = "/data/data/";
31 
32 /// Data directory of applications for non-default users.
33 constexpr std::string_view DIR_DATA_USER = "/data/user/";
34 
StartsWith(std::string_view s,std::string_view prefix)35 static bool StartsWith(std::string_view s, std::string_view prefix)
36 {
37     return (s.size() >= prefix.size()) && std::equal(prefix.begin(), prefix.end(), s.begin());
38 }
39 
StartsWithData(std::string_view path)40 static bool StartsWithData(std::string_view path)
41 {
42     if (path.empty() || (path[0] != '/')) {
43         return false;
44     }
45     return StartsWith(path, DIR_DATA_DATA) || StartsWith(path, DIR_DATA_USER);
46 }
47 
IsInPermitList(std::string_view path)48 static bool IsInPermitList(std::string_view path)
49 {
50     size_t pos = path.rfind('/');
51     if (pos == std::string::npos) {
52         LOG(ERROR, RUNTIME) << "Failed to get file name from path: " << path;
53         return false;
54     }
55     std::string_view fileName = path.substr(pos + 1U);
56     return StartsWith(fileName, "HMS-Ohos-");
57 }
58 
CanLoadPandaFileInternal(std::string_view realPath) const59 bool RuntimeController::CanLoadPandaFileInternal(std::string_view realPath) const
60 {
61     return (!StartsWithData(realPath)) || IsInPermitList(realPath);
62 }
63 
CanLoadPandaFile(const std::string & path) const64 bool RuntimeController::CanLoadPandaFile(const std::string &path) const
65 {
66     if (IsZidaneApp() && (!IsMultiFramework())) {
67         // Avoid large frame.
68         PandaVector<char> buffer(PATH_MAX, 0);
69         if (realpath(path.c_str(), buffer.data()) == nullptr) {
70             LOG(ERROR, RUNTIME) << "Failed to get realpath for " << path;
71             return true;  // Allow loading panda file.
72         }
73         std::string_view realPath = buffer.data();
74         bool allow = CanLoadPandaFileInternal(realPath);
75         if (!allow) {
76             LOG(WARNING, RUNTIME) << "Disallow loading panda file in data directory : " << path;
77         }
78         return allow;
79     }
80     return true;
81 }
82 
83 }  // namespace panda
84