mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-29 02:38:22 -05:00
browser-android: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command line processing for control interface event strings. Previously, it could have been possible for some of the event strings to include unsanitized data which is not suitable for system() use. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
17dc39a8bc
commit
3d8a3ffcf0
@ -75,7 +75,7 @@ int hs20_web_browser(const char *url)
|
|||||||
os_memset(&data, 0, sizeof(data));
|
os_memset(&data, 0, sizeof(data));
|
||||||
|
|
||||||
ret = os_snprintf(cmd, sizeof(cmd),
|
ret = os_snprintf(cmd, sizeof(cmd),
|
||||||
"am start -a android.intent.action.VIEW -d '%s' "
|
"start -a android.intent.action.VIEW -d %s "
|
||||||
"-n com.android.browser/.BrowserActivity", url);
|
"-n com.android.browser/.BrowserActivity", url);
|
||||||
if (ret < 0 || (size_t) ret >= sizeof(cmd)) {
|
if (ret < 0 || (size_t) ret >= sizeof(cmd)) {
|
||||||
wpa_printf(MSG_ERROR, "Too long URL");
|
wpa_printf(MSG_ERROR, "Too long URL");
|
||||||
@ -94,7 +94,7 @@ int hs20_web_browser(const char *url)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (system(cmd) != 0) {
|
if (os_exec("/system/bin/am", cmd, 1) != 0) {
|
||||||
wpa_printf(MSG_INFO, "Failed to launch Android browser");
|
wpa_printf(MSG_INFO, "Failed to launch Android browser");
|
||||||
eloop_cancel_timeout(browser_timeout, NULL, NULL);
|
eloop_cancel_timeout(browser_timeout, NULL, NULL);
|
||||||
http_server_deinit(http);
|
http_server_deinit(http);
|
||||||
@ -109,7 +109,7 @@ int hs20_web_browser(const char *url)
|
|||||||
eloop_destroy();
|
eloop_destroy();
|
||||||
|
|
||||||
wpa_printf(MSG_INFO, "Closing Android browser");
|
wpa_printf(MSG_INFO, "Closing Android browser");
|
||||||
if (system("input keyevent 3") != 0) {
|
if (os_exec("/system/bin/input", "keyevent 3", 1) != 0) {
|
||||||
wpa_printf(MSG_INFO, "Failed to inject keyevent");
|
wpa_printf(MSG_INFO, "Failed to inject keyevent");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user