From 05b64034b91eff980e99f3da815fbe03b57eb5fc Mon Sep 17 00:00:00 2001 From: lwx1281857 Date: Mon, 31 Mar 2025 16:17:19 +0800 Subject: [PATCH] Description: Add fdsan Feature or Bugfix: Feature Binary Source:No Signed-off-by: lwx1281857 --- modules/sandbox/appspawn_sandbox.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/modules/sandbox/appspawn_sandbox.c b/modules/sandbox/appspawn_sandbox.c index 595eac96..5bb26e37 100644 --- a/modules/sandbox/appspawn_sandbox.c +++ b/modules/sandbox/appspawn_sandbox.c @@ -307,13 +307,14 @@ static int32_t SandboxMountFusePath(const SandboxContext *context, const MountAr int fd = open("/dev/fuse", O_RDWR); APPSPAWN_CHECK(fd != -1, return -EINVAL, "open /dev/fuse failed, errno: %{public}d sandbox path %{public}s", errno, args->destinationPath); + fdsan_exchange_owner_tag(fd, 0, APPSPAWN_DOMAIN); char options[OPTIONS_MAX_LEN] = {0}; int ret = sprintf_s(options, sizeof(options), "fd=%d," "rootmode=40000,user_id=%d,group_id=%d,allow_other," "context=\"u:object_r:dlp_fuse_file:s0\"," "fscontext=u:object_r:dlp_fuse_file:s0", fd, info->uid, info->gid); - APPSPAWN_CHECK(ret > 0, close(fd); + APPSPAWN_CHECK(ret > 0, fdsan_close_with_tag(fd, APPSPAWN_DOMAIN); return APPSPAWN_ERROR_UTILS_MEM_FAIL, "sprintf options fail"); APPSPAWN_LOGV("Bind mount dlp fuse \n " @@ -326,7 +327,7 @@ static int32_t SandboxMountFusePath(const SandboxContext *context, const MountAr MountArg mountArg = {args->originPath, args->destinationPath, args->fsType, args->mountFlags, options, MS_SHARED}; ret = SandboxMountPath(&mountArg); if (ret != 0) { - close(fd); + fdsan_close_with_tag(fd, APPSPAWN_DOMAIN); return -1; } /* set DLP_FUSE_FD */ -- Gitee