From af6674e7fa440386c74f6dd767a9c94a5a6b4a82 Mon Sep 17 00:00:00 2001
From: twwang <920347125@qq.com>
Date: Tue, 11 Aug 2020 14:17:51 +0800
Subject: [PATCH] Eliminate potential risks for not handling format file path &
 socket resource

modify coding for not handling format file path for ApiGen.cpp, close
ime socket resource  in some scence
---
 external/android-emugl/host/tools/emugen/ApiGen.cpp | 10 ++++++++--
 src/anbox/platform/sdl/platform.cpp                 |  1 +
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/external/android-emugl/host/tools/emugen/ApiGen.cpp b/external/android-emugl/host/tools/emugen/ApiGen.cpp
index 142bf0e..f787d2f 100644
--- a/external/android-emugl/host/tools/emugen/ApiGen.cpp
+++ b/external/android-emugl/host/tools/emugen/ApiGen.cpp
@@ -58,9 +58,15 @@ void ApiGen::printHeader(FILE *fp) const
 
 int ApiGen::genProcTypes(const std::string &filename, SideType side)
 {
-    FILE *fp = fopen(filename.c_str(), "wt");
+    const char* untrustPath = filename.c_str();
+    char path[PATH_MAX] = {0};
+    if (realpath(untrustPath, path) == NULL) {
+	    return -1;
+    }
+
+    FILE *fp = fopen(path, "wt");
     if (fp == NULL) {
-        perror(filename.c_str());
+        perror(path);
         return -1;
     }
     printHeader(fp);
diff --git a/src/anbox/platform/sdl/platform.cpp b/src/anbox/platform/sdl/platform.cpp
index 3e061f2..4ac31f8 100644
--- a/src/anbox/platform/sdl/platform.cpp
+++ b/src/anbox/platform/sdl/platform.cpp
@@ -176,6 +176,7 @@ void Platform::create_ime_socket() {
   socket_addr.sun_family = AF_UNIX;
   if (ime_socket_file_.length() >= strlen(socket_addr.sun_path) - 1) {
     ERROR("Create ime failed, socket path too long");
+    close(ime_socket);
     return;
   }
   strcpy(socket_addr.sun_path, ime_socket_file_.c_str());
-- 
Gitee