From 901cd8ad0a5a0fa4fc7585df2948b18e9172335d Mon Sep 17 00:00:00 2001
From: panqiangbiao <panqiangbiao@huawei.com>
Date: Sun, 6 Mar 2022 10:14:16 +0800
Subject: [PATCH] add accessToken check for ipc

Signed-off-by: panqiangbiao <panqiangbiao@huawei.com>
---
 services/src/client/file_manager_proxy.cpp        |  7 +++++--
 services/src/server/file_manager_service_stub.cpp | 10 ++++++++--
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/services/src/client/file_manager_proxy.cpp b/services/src/client/file_manager_proxy.cpp
index 663efaa9..0c15b609 100644
--- a/services/src/client/file_manager_proxy.cpp
+++ b/services/src/client/file_manager_proxy.cpp
@@ -46,6 +46,7 @@ int FileManagerProxy::GetRoot(const CmdOptions &option, vector<shared_ptr<FileIn
         code = (Equipment::EXTERNAL_STORAGE << EQUIPMENT_SHIFT) | Operation::GET_ROOT;
     }
     MessageParcel data;
+    data.WriteInterfaceToken(GetDescriptor());
     data.WriteString(op.GetDevInfo().GetName());
     MessageParcel reply;
     MessageOption messageOption;
@@ -67,6 +68,7 @@ int FileManagerProxy::CreateFile(const std::string &path, const std::string &fil
     const CmdOptions &option, std::string &uri)
 {
     MessageParcel data;
+    data.WriteInterfaceToken(GetDescriptor());
     data.WriteString(fileName);
     data.WriteString(path);
     MessageParcel reply;
@@ -109,13 +111,13 @@ IFmsClient *IFmsClient::GetFmsInstance()
 int FileManagerProxy::ListFile(const std::string &type, const std::string &path, const CmdOptions &option,
     std::vector<std::shared_ptr<FileInfo>> &fileRes)
 {
-    MessageParcel data;
     CmdOptions op(option);
     std::string devName(op.GetDevInfo().GetName());
     std::string devPath(op.GetDevInfo().GetPath());
     int64_t offset = op.GetOffset();
     int64_t count = op.GetCount();
-
+    MessageParcel data;
+    data.WriteInterfaceToken(GetDescriptor());
     data.WriteString(devName);
     data.WriteString(devPath);
     data.WriteString(type);
@@ -145,6 +147,7 @@ int FileManagerProxy::ListFile(const std::string &type, const std::string &path,
 int FileManagerProxy::Mkdir(const string &name, const string &path)
 {
     MessageParcel data;
+    data.WriteInterfaceToken(GetDescriptor());
     data.WriteString(name);
     data.WriteString(path);
     MessageParcel reply;
diff --git a/services/src/server/file_manager_service_stub.cpp b/services/src/server/file_manager_service_stub.cpp
index dff8a584..ebb5e27c 100644
--- a/services/src/server/file_manager_service_stub.cpp
+++ b/services/src/server/file_manager_service_stub.cpp
@@ -116,17 +116,23 @@ bool CheckClientPermission(const std::string& permissionStr)
 int FileManagerServiceStub::OnRemoteRequest(uint32_t code, MessageParcel &data,
     MessageParcel &reply, MessageOption &option)
 {
+    // check whether request from fms proxy
+    if (data.ReadInterfaceToken() != GetDescriptor()) {
+        ERR_LOG("reject error remote request");
+        reply.WriteInt32(FAIL);
+        return FAIL;
+    }
     // change permission string after finishing accessToken
     string permission = "permission";
     if (!CheckClientPermission(permission)) {
         ERR_LOG("checkpermission error FAIL");
     }
     if (!MediaFileUtils::InitHelper(AsObject())) {
-        ERR_LOG("InitHelper error %{public}d", FAIL);
+        ERR_LOG("Init MediaLibraryDataAbility Helper error");
         reply.WriteInt32(FAIL);
         return FAIL;
     }
-    // do file process
+    // do request process
     int32_t errCode = OperProcess(code, data, reply);
     reply.WriteInt32(errCode);
     return errCode;
-- 
Gitee