From e9260740ac70ce654d36cf4a8e4b6175efb4626e Mon Sep 17 00:00:00 2001 From: Matt Mower Date: Sun, 22 Feb 2015 20:20:18 -0600 Subject: Cleanup device_id retrieval * If TW_USE_MODEL_HARDWARE_ID_FOR_DEVICE_ID is defined: - provide the header that defines property functions/constants - actually look for hardware_id before attempting to append it * Perform string length checks rigorously. * Only perform newline removal if string is used before sanitization. * Copy changes to htcdumlock, but rely on cmdline only. ps3: fix merge conflict in data.cpp includes Change-Id: I720d3bc8416758f5f83782e8bc298b32eda1a573 --- htcdumlock/htcdumlock.c | 118 ++++++++++++++++-------------------------------- 1 file changed, 38 insertions(+), 80 deletions(-) (limited to 'htcdumlock') diff --git a/htcdumlock/htcdumlock.c b/htcdumlock/htcdumlock.c index ec9469f8a..911961292 100644 --- a/htcdumlock/htcdumlock.c +++ b/htcdumlock/htcdumlock.c @@ -36,6 +36,8 @@ // Number of bytes in the ramdisks to compare #define SCAN_SIZE 60 +#define DEVID_MAX 64 + #define CMDLINE_SERIALNO "androidboot.serialno=" #define CMDLINE_SERIALNO_LEN (strlen(CMDLINE_SERIALNO)) #define CPUINFO_SERIALNO "Serial" @@ -43,98 +45,54 @@ #define CPUINFO_HARDWARE "Hardware" #define CPUINFO_HARDWARE_LEN (strlen(CPUINFO_HARDWARE)) -char device_id[255]; +char device_id[DEVID_MAX] = { 0 }; int verbose = 0, java = 0; +void sanitize_device_id(void) { + const char* whitelist ="-._"; + char str[DEVID_MAX]; + char* c = str; + + snprintf(str, DEVID_MAX, "%s", device_id); + memset(device_id, 0, strlen(device_id)); + while (*c) { + if (isalnum(*c) || strchr(whitelist, *c)) + strncat(device_id, c, 1); + c++; + } + return; +} + +/* Recent HTC devices that still take advantage of dumlock + can safely rely on cmdline device_id retrieval */ void get_device_id(void) { FILE *fp; - char line[2048]; - char hardware_id[32]; + char line[2048]; char* token; - // Assign a blank device_id to start with - device_id[0] = 0; - - // First, try the cmdline to see if the serial number was supplied + // Check the cmdline to see if the serial number was supplied fp = fopen("/proc/cmdline", "rt"); - if (fp != NULL) - { - // First step, read the line. For cmdline, it's one long line - fgets(line, sizeof(line), fp); - fclose(fp); - - // Now, let's tokenize the string - token = strtok(line, " "); - - // Let's walk through the line, looking for the CMDLINE_SERIALNO token - while (token) - { - // We don't need to verify the length of token, because if it's too short, it will mismatch CMDLINE_SERIALNO at the NULL - if (memcmp(token, CMDLINE_SERIALNO, CMDLINE_SERIALNO_LEN) == 0) - { - // We found the serial number! - strcpy(device_id, token + CMDLINE_SERIALNO_LEN); - return; - } - token = strtok(NULL, " "); - } - } - - // Now we'll try cpuinfo for a serial number - fp = fopen("/proc/cpuinfo", "rt"); - if (fp != NULL) - { - while (fgets(line, sizeof(line), fp) != NULL) { // First step, read the line. - if (memcmp(line, CPUINFO_SERIALNO, CPUINFO_SERIALNO_LEN) == 0) // check the beginning of the line for "Serial" - { - // We found the serial number! - token = line + CPUINFO_SERIALNO_LEN; // skip past "Serial" - while (((int)*token > 0 && (int)*token <= 32 ) || (int)*token == ':') token++; // skip over all spaces and the colon - if (*token != NULL) { - token[30] = 0; - if (token[strlen(token)-1] == 10) { // checking for endline chars and dropping them from the end of the string if needed - memset(device_id, 0, sizeof(device_id)); - strncpy(device_id, token, strlen(token) - 1); - } else { - strcpy(device_id, token); - } - if (verbose) - printf("serial from cpuinfo: '%s'\n", device_id); - fclose(fp); - return; - } - } else if (memcmp(line, CPUINFO_HARDWARE, CPUINFO_HARDWARE_LEN) == 0) {// We're also going to look for the hardware line in cpuinfo and save it for later in case we don't find the device ID - // We found the hardware ID - token = line + CPUINFO_HARDWARE_LEN; // skip past "Hardware" - while (((int)*token > 0 && (int)*token <= 32 ) || (int)*token == ':') token++; // skip over all spaces and the colon - if (*token != NULL) { - token[30] = 0; - if (token[strlen(token)-1] == 10) { // checking for endline chars and dropping them from the end of the string if needed - memset(hardware_id, 0, sizeof(hardware_id)); - strncpy(hardware_id, token, strlen(token) - 1); - } else { - strcpy(hardware_id, token); - } - if (verbose) - printf("hardware id from cpuinfo: '%s'\n", hardware_id); - } + if (fp != NULL) { + fgets(line, sizeof(line), fp); + fclose(fp); // cmdline is only one line long + + token = strtok(line, " "); + while (token) { + if (memcmp(token, CMDLINE_SERIALNO, CMDLINE_SERIALNO_LEN) == 0) { + token += CMDLINE_SERIALNO_LEN; + snprintf(device_id, DEVID_MAX, "%s", token); + sanitize_device_id(); // also removes newlines + return; } + token = strtok(NULL, " "); } - fclose(fp); - } - - if (hardware_id[0] != 0) { - if (verbose) - printf("using hardware id for device id: '%s'\n", hardware_id); - strcpy(device_id, hardware_id); - return; } - strcpy(device_id, "serialno"); + strcpy(device_id, "serialno"); if (verbose) printf("device id not found, using '%s'.", device_id); - return; + return; } void reboot_device() { @@ -386,8 +344,8 @@ int main(int argc, char** argv) get_device_id(); if (verbose) printf("Device ID is: '%s'\n", device_id); - if (strcmp(device_id, "0000000000000000") == 0) { - printf("Error, device ID is all zeros!\n"); + if (strcmp(device_id, "serialno") == 0) { + printf("Error, dummy device ID detected!\n"); printf("Did you 'su' first? HTC Dumlock requires root access.\nFailed\n"); return 0; } -- cgit v1.2.3