Check that dir name is a pid before attempting to read Prevents selinux denials for folders in /proc that do not have the default /proc label. Bug: 68146208 Test: no selinux denials for vold attempting to read proc_asound dir. Merged-In: I7cdd3bbe8e687e078372012773e9a34a5c76e0f8 Change-Id: I7cdd3bbe8e687e078372012773e9a34a5c76e0f8

commit: a997db73d64e748ecf20c2de3e517c19247c5e81 [log] [tgz]
author: Jeff Vander Stoep <jeffv@google.com> Mon Oct 23 17:12:31 2017 -0700
committer: Jeffrey Vander Stoep <jeffv@google.com> Tue Oct 24 14:04:27 2017 +0000
tree: 465cd541047632edebbfbc84d5897e1762a369ed
parent: 2890b8d21565be4349956c67261cd370e4814c28 [diff]
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index a46d43b..25d46a6 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp

@@ -37,6 +37,7 @@
 #include <openssl/md5.h>
 
 #include <android-base/logging.h>
+#include <android-base/parseint.h>
 #include <android-base/stringprintf.h>
 #include <cutils/fs.h>
 #include <cutils/log.h>
@@ -594,6 +595,10 @@
 
     // Poke through all running PIDs look for apps running as UID
     while ((de = readdir(dir))) {
+        pid_t pid;
+        if (de->d_type != DT_DIR) continue;
+        if (!android::base::ParseInt(de->d_name, &pid)) continue;
+
         pidFd = -1;
         nsFd = -1;
commit	a997db73d64e748ecf20c2de3e517c19247c5e81	[log] [tgz]
author	Jeff Vander Stoep <jeffv@google.com>	Mon Oct 23 17:12:31 2017 -0700
committer	Jeffrey Vander Stoep <jeffv@google.com>	Tue Oct 24 14:04:27 2017 +0000
tree	465cd541047632edebbfbc84d5897e1762a369ed
parent	2890b8d21565be4349956c67261cd370e4814c28 [diff]