summaryrefslogtreecommitdiff
path: root/src/lib/ecore_fb
diff options
context:
space:
mode:
authorCarsten Haitzler (Rasterman) <raster@rasterman.com>2017-02-09 17:03:49 +0900
committerCarsten Haitzler (Rasterman) <raster@rasterman.com>2017-02-09 18:38:28 +0900
commit5c431b14de9cfbb54ea93b876afc31a1e3305913 (patch)
tree4671eec2f20504decf6c9b93df1dd6f128f27519 /src/lib/ecore_fb
parent0ea4d0d821f115b83cffef54378d1ead958ef266 (diff)
evas fb dev env var - allow in setuid processes with sanitizing
this allows only /dev/fb[0-0] or /dev/fb/something where somthing does not begin with a . - thus no way to break out of the fb subdir... so it should be ok... this keeps setuid safety and allows this env var to work now as intended in this situation.
Diffstat (limited to 'src/lib/ecore_fb')
-rw-r--r--src/lib/ecore_fb/ecore_fb.c14
1 files changed, 7 insertions, 7 deletions
diff --git a/src/lib/ecore_fb/ecore_fb.c b/src/lib/ecore_fb/ecore_fb.c
index d11225e79f..0d90242d0b 100644
--- a/src/lib/ecore_fb/ecore_fb.c
+++ b/src/lib/ecore_fb/ecore_fb.c
@@ -120,16 +120,16 @@ _ecore_fb_size_get(const char *name, int *w, int *h)
120{ 120{
121 struct fb_var_screeninfo fb_var; 121 struct fb_var_screeninfo fb_var;
122 int fb; 122 int fb;
123 const char *s;
123 124
124 if ( 125 if ((s = getenv("EVAS_FB_DEV")) &&
125#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) 126 (((!strncmp(s, "/dev/fb", 7)) &&
126 (getuid() == geteuid()) && 127 ((s[7] >= '0' && s[7] <= '9') || (s[7] == 0))) ||
127#endif 128 ((!strncmp(s, "/dev/fb/", 8)) && (s[8] != '.'))))
128 (getenv("EVAS_FB_DEV")))
129 { 129 {
130 fb = open(getenv("EVAS_FB_DEV"), O_RDWR); 130 fb = open(s, O_RDWR);
131 if (fb < 0) 131 if (fb < 0)
132 fprintf(stderr, "[ecore_fb] error opening $EVAS_FB_DEV=%s: %s\n", getenv("EVAS_FB_DEV"), strerror(errno)); 132 fprintf(stderr, "[ecore_fb] error opening $EVAS_FB_DEV=%s: %s\n", s, strerror(errno));
133 } 133 }
134 else 134 else
135 { 135 {