• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "dlp_file_kits.h"
17 #include <cstdlib>
18 #include <fcntl.h>
19 #include <string>
20 #include <sys/stat.h>
21 #include <sys/types.h>
22 #include <unistd.h>
23 #include <unordered_map>
24 #include "dlp_permission_log.h"
25 #include "dlp_zip.h"
26 #include "securec.h"
27 
28 namespace OHOS {
29 namespace Security {
30 namespace DlpPermission {
31 namespace {
32     static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_DLP_PERMISSION, "DlpFileKits"};
33 } // namespace
34 using Want = OHOS::AAFwk::Want;
35 using WantParams = OHOS::AAFwk::WantParams;
36 
37 static const std::unordered_map<std::string, std::string> SUFFIX_MIMETYPE_MAP = {
38     {"txt", "text/plain"},
39     {"doc", "text/plain"},
40     {"docx", "application/vnd.openxmlformats-officedocument.wordprocessingml.document"},
41     {"xlsx", "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"},
42     {"pptx", "application/vnd.openxmlformats-officedocument.presentationml.presentation"},
43 };
44 
GetWantFileName(const WantParams & param)45 static std::string GetWantFileName(const WantParams& param)
46 {
47     WantParams wp = param.GetWantParams(TAG_FILE_NAME);
48     if (wp.IsEmpty()) {
49         return std::string();
50     }
51 
52     return wp.GetStringParam(TAG_FILE_NAME_VALUE);
53 }
54 
GetWantFileDescriptor(const WantParams & param)55 static int GetWantFileDescriptor(const WantParams& param)
56 {
57     WantParams wp = param.GetWantParams(TAG_KEY_FD);
58     if (wp.IsEmpty()) {
59         DLP_LOG_WARN(LABEL, "Get want params fail, no file fd param found");
60         return INVALID_FD;
61     }
62 
63     std::string type = wp.GetStringParam(TAG_KEY_FD_TYPE);
64     if (type != VALUE_KEY_FD_TYPE) {
65         DLP_LOG_WARN(LABEL, "Get want params fail, fd type error, type=%{public}s", type.c_str());
66         return INVALID_FD;
67     }
68     return wp.GetIntParam(TAG_KEY_FD_VALUE, INVALID_FD);
69 }
70 
IsDlpFileName(const std::string & dlpFileName)71 static bool IsDlpFileName(const std::string& dlpFileName)
72 {
73     uint32_t dlpSuffixLen = DLP_FILE_SUFFIX.size();
74     uint32_t fileNameLen = dlpFileName.size();
75     if (fileNameLen <= dlpSuffixLen) {
76         return false;
77     }
78 
79     if (dlpFileName.substr(fileNameLen - dlpSuffixLen, dlpSuffixLen) != DLP_FILE_SUFFIX) {
80         return false;
81     }
82     return true;
83 }
84 
GetDlpFileRealSuffix(const std::string & dlpFileName)85 static std::string GetDlpFileRealSuffix(const std::string& dlpFileName)
86 {
87     uint32_t dlpSuffixLen = DLP_FILE_SUFFIX.size();
88     std::string realFileName = dlpFileName.substr(0, dlpFileName.size() - dlpSuffixLen);
89     char escape = '.';
90     std::size_t escapeLocate = realFileName.find_last_of(escape);
91     if (escapeLocate >= realFileName.size()) {
92         DLP_LOG_ERROR(LABEL, "Get file suffix fail, no '.' in file name");
93         return DEFAULT_STRING;
94     }
95 
96     return realFileName.substr(escapeLocate + 1);
97 }
98 
GetMimeTypeBySuffix(const std::string & suffix)99 static std::string GetMimeTypeBySuffix(const std::string& suffix)
100 {
101     auto iter = SUFFIX_MIMETYPE_MAP.find(suffix);
102     if (iter != SUFFIX_MIMETYPE_MAP.end()) {
103         return iter->second;
104     }
105     return DEFAULT_STRING;
106 }
107 
IsValidDlpHeader(const struct DlpHeader & head)108 static bool IsValidDlpHeader(const struct DlpHeader& head)
109 {
110     if (head.magic != DLP_FILE_MAGIC || head.certSize == 0 || head.certSize > DLP_MAX_CERT_SIZE ||
111         head.contactAccountSize == 0 || head.contactAccountSize > DLP_MAX_CERT_SIZE ||
112         head.certOffset != sizeof(struct DlpHeader) ||
113         head.contactAccountOffset != (sizeof(struct DlpHeader) + head.certSize) ||
114         head.txtOffset != (sizeof(struct DlpHeader) + head.certSize + head.contactAccountSize + head.offlineCertSize) ||
115         head.txtSize > DLP_MAX_CONTENT_SIZE || head.offlineCertSize > DLP_MAX_CERT_SIZE) {
116         DLP_LOG_ERROR(LABEL, "parse dlp file header error.");
117         return false;
118     }
119     return true;
120 }
121 
IsDlpFile(int32_t dlpFd)122 bool DlpFileKits::IsDlpFile(int32_t dlpFd)
123 {
124     if (dlpFd < 0) {
125         DLP_LOG_ERROR(LABEL, "dlp file fd is invalid");
126         return false;
127     }
128 
129     if (IsZipFile(dlpFd)) {
130         return true;
131     }
132 
133     off_t curPos = lseek(dlpFd, 0, SEEK_CUR);
134     if (curPos < 0) {
135         DLP_LOG_ERROR(LABEL, "seek dlp file current failed, %{public}s", strerror(errno));
136         return false;
137     }
138 
139     if (lseek(dlpFd, 0, SEEK_SET) == static_cast<off_t>(-1)) {
140         DLP_LOG_ERROR(LABEL, "seek dlp file start failed, %{public}s", strerror(errno));
141         return false;
142     }
143     struct DlpHeader head;
144     if (read(dlpFd, &head, sizeof(struct DlpHeader)) != sizeof(struct DlpHeader)) {
145         DLP_LOG_ERROR(LABEL, "can not read dlp file head, %{public}s", strerror(errno));
146         return false;
147     }
148 
149     if (lseek(dlpFd, curPos, SEEK_SET) < 0) {
150         DLP_LOG_ERROR(LABEL, "seek dlp file back failed, %{public}s", strerror(errno));
151         return false;
152     }
153 
154     return IsValidDlpHeader(head);
155 }
156 
GetSandboxFlag(Want & want)157 bool DlpFileKits::GetSandboxFlag(Want& want)
158 {
159     std::string action = want.GetAction();
160     if (action != TAG_ACTION_VIEW && action != TAG_ACTION_EDIT) {
161         DLP_LOG_DEBUG(LABEL, "Action %{public}s is not dlp scene", action.c_str());
162         return false;
163     }
164 
165     const WantParams& param = want.GetParams();
166     std::string fileName = GetWantFileName(param);
167     if (fileName == DEFAULT_STRING || !IsDlpFileName(fileName)) {
168         DLP_LOG_DEBUG(LABEL, "File name is not exist or not dlp, name=%{private}s", fileName.c_str());
169         return false;
170     }
171 
172     int fd = GetWantFileDescriptor(param);
173     if (!IsDlpFile(fd)) {
174         DLP_LOG_WARN(LABEL, "Fd %{public}d is not dlp file", fd);
175         return false;
176     }
177 
178     std::string realSuffix = GetDlpFileRealSuffix(fileName);
179     if (realSuffix != DEFAULT_STRING) {
180         DLP_LOG_DEBUG(LABEL, "Real suffix is %{public}s", realSuffix.c_str());
181         std::string realType = GetMimeTypeBySuffix(realSuffix);
182         if (realType != DEFAULT_STRING) {
183             want.SetType(realType);
184         } else {
185             DLP_LOG_INFO(LABEL, "Real suffix %{public}s not match known type, using origin type %{public}s",
186                 realSuffix.c_str(), want.GetType().c_str());
187         }
188     }
189     DLP_LOG_INFO(LABEL, "Sanbox flag is true");
190     return true;
191 }
192 }  // namespace DlpPermission
193 }  // namespace Security
194 }  // namespace OHOS
195