gltrace: Only accept connections from the shell.

Only accept incoming connections from the shell user. Change-Id: Ibef1a796d794d45f73db59949b39cb1ce68542b4
2012-03-15 16:18:38 -07:00 · 2012-03-15 16:18:38 -07:00 · 8e2f3858d5
parent 9eeebe3980
commit 8e2f3858d5
1 changed files with 14 additions and 0 deletions
--- a/opengl/libs/GLES_trace/src/gltrace_transport.cpp
+++ b/opengl/libs/GLES_trace/src/gltrace_transport.cpp
@ -23,6 +23,7 @@
 #include <netinet/in.h>

 #include <cutils/log.h>
+#include <private/android_filesystem_config.h>

 #include "gltrace_transport.h"

@ -67,6 +68,19 @@ int acceptClientConnection(char *sockname) {
        return -1;
    }

+    struct ucred cr;
+    socklen_t cr_len = sizeof(cr);
+    if (getsockopt(clientSocket, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) != 0) {
+        ALOGE("Error obtaining credentials of peer");
+        return -1;
+    }
+
+    // Only accept connects from the shell (adb forward comes to us as shell user)
+    if (cr.uid != AID_SHELL) {
+        ALOGE("Unknown peer type (%d), expected shell to be the peer", cr.uid);
+        return -1;
+    }
+
    ALOGD("gltrace::waitForClientConnection: client connected.");

    // do not accept any more incoming connections