From 83ab6f5772dfa71a3848b2a4e475de0c00726807 Mon Sep 17 00:00:00 2001
From: huaqingsimeng <1004904143@qq.com>
Date: Tue, 25 Jul 2023 14:40:50 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A4=87=E4=BB=BD=E6=81=A2=E5=A4=8D=E9=9D=99?=
 =?UTF-8?q?=E6=80=81=E6=89=AB=E6=8F=8F=E4=BB=A3=E7=A0=81=E8=A7=84=E8=8C=83?=
 =?UTF-8?q?=E5=A4=84=E7=90=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: huaqingsimeng <qiukaiqing@huawei.com>
---
 .../include/module_ipc/svc_session_manager.h         |  2 +-
 services/backup_sa/src/module_ipc/service.cpp        | 12 +++++++-----
 tools/backup_tool/src/tools_op_restore_async.cpp     |  5 ++++-
 3 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/services/backup_sa/include/module_ipc/svc_session_manager.h b/services/backup_sa/include/module_ipc/svc_session_manager.h
index 320a0b7b4..6113ac1aa 100644
--- a/services/backup_sa/include/module_ipc/svc_session_manager.h
+++ b/services/backup_sa/include/module_ipc/svc_session_manager.h
@@ -69,7 +69,7 @@ public:
             Caller must complete all processes before next user tigger.<Session>
             [RESTORE] Support for multiple users, incoming during restore process.
         */
-        int32_t userId;
+        int32_t userId {100};
     };
 
 public:
diff --git a/services/backup_sa/src/module_ipc/service.cpp b/services/backup_sa/src/module_ipc/service.cpp
index 7efc4660b..aec7bbd0a 100644
--- a/services/backup_sa/src/module_ipc/service.cpp
+++ b/services/backup_sa/src/module_ipc/service.cpp
@@ -38,6 +38,7 @@
 #include "ability_manager_client.h"
 #include "accesstoken_kit.h"
 #include "b_error/b_error.h"
+#include "b_error/b_excep_utils.h"
 #include "b_file_info.h"
 #include "b_json/b_json_cached_entity.h"
 #include "b_json/b_json_entity_caps.h"
@@ -90,9 +91,10 @@ UniqueFd Service::GetLocalCapabilities()
         */
         session_->SetSessionUserId(GetUserIdDefault(IPCSkeleton::GetCallingUid()));
         VerifyCaller();
+        string path = BConstants::GetSaBundleBackupRootDir(session_->GetSessionUserId());
+        BExcepUltils::VerifyPath(path, false);
         BJsonCachedEntity<BJsonEntityCaps> cachedEntity(
-            UniqueFd(open(BConstants::GetSaBundleBackupRootDir(
-                session_->GetSessionUserId()).data(), O_TMPFILE | O_RDWR, 0600)));
+            UniqueFd(open(path.data(), O_TMPFILE | O_RDWR, S_IRUSR | S_IWUSR)));
 
         auto cache = cachedEntity.Structuralize();
 
@@ -398,9 +400,9 @@ ErrCode Service::LaunchBackupExtension(const BundleName &bundleName)
         }
 
         AAFwk::Want want;
-        string backupExtName = session_->GetBackupExtName(bundleName); /* new device app ext name */
-        string versionName = session_->GetBundleVersionName(bundleName); /* old device app version name */
-        uint32_t versionCode = session_->GetBundleVersionCode(bundleName); /* old device app version code */
+        string backupExtName = session_->GetBackupExtName(bundleName);            /* new device app ext name */
+        string versionName = session_->GetBundleVersionName(bundleName);          /* old device app version name */
+        uint32_t versionCode = session_->GetBundleVersionCode(bundleName);        /* old device app version code */
         RestoreTypeEnum restoreType = session_->GetBundleRestoreType(bundleName); /* app restore type */
 
         want.SetElementName(bundleName, backupExtName);
diff --git a/tools/backup_tool/src/tools_op_restore_async.cpp b/tools/backup_tool/src/tools_op_restore_async.cpp
index 82ed49779..104d2194a 100644
--- a/tools/backup_tool/src/tools_op_restore_async.cpp
+++ b/tools/backup_tool/src/tools_op_restore_async.cpp
@@ -94,6 +94,7 @@ static void OnFileReady(shared_ptr<SessionAsync> ctx, const BFileInfo &fileInfo,
     if (access(tmpPath.data(), F_OK) != 0) {
         throw BError(BError::Codes::TOOL_INVAL_ARG, generic_category().message(errno));
     }
+    BExcepUltils::VerifyPath(tmpPath, false);
     UniqueFd fdLocal(open(tmpPath.data(), O_RDONLY));
     if (fdLocal < 0) {
         throw BError(BError::Codes::TOOL_INVAL_ARG, generic_category().message(errno));
@@ -169,6 +170,7 @@ static void RestoreApp(shared_ptr<SessionAsync> restore, vector<BundleName> &bun
 
 static int32_t ChangeBundleInfo(const string &pathCapFile, const vector<string> &bundleNames, const string &type)
 {
+    BExcepUltils::VerifyPath(pathCapFile, false);
     UniqueFd fd(open(pathCapFile.data(), O_RDWR, S_IRWXU));
     if (fd < 0) {
         fprintf(stderr, "Failed to open file error: %d %s\n", errno, strerror(errno));
@@ -181,7 +183,7 @@ static int32_t ChangeBundleInfo(const string &pathCapFile, const vector<string>
     vector<BJsonEntityCaps::BundleInfo> bundleInfos;
     for (auto name : bundleNames) {
         string versionName = string(BConstants::DEFAULT_VERSION_NAME);
-        int32_t versionCode = BConstants::DEFAULT_VERSION_CODE;
+        uint32_t versionCode = static_cast<uint32_t>(BConstants::DEFAULT_VERSION_CODE);
         if (type == "false") {
             auto iter = find_if(infos.begin(), infos.end(), [name](const auto &it) { return it.name == name; });
             if (iter != infos.end()) {
@@ -209,6 +211,7 @@ static int32_t AppendBundles(shared_ptr<SessionAsync> restore,
                              const string &type,
                              const string &userId)
 {
+    BExcepUltils::VerifyPath(pathCapFile, false);
     UniqueFd fd(open(pathCapFile.data(), O_RDWR, S_IRWXU));
     if (fd < 0) {
         fprintf(stderr, "Failed to open file error: %d %s\n", errno, strerror(errno));
-- 
Gitee