Only dlopen valid fd

2024-11-27 12:05:30 +00:00 · 2022-03-22 12:06:59 +08:00 · 2022-03-22 12:06:59 +08:00 · 9e8218089b
commit 9e8218089b
parent 3f660a3963
2 changed files with 16 additions and 8 deletions
--- a/native/jni/zygisk/hook.cpp
+++ b/native/jni/zygisk/hook.cpp
@ -359,6 +359,11 @@ void HookContext::run_modules_pre(const vector<int> &fds) {
    modules.reserve(fds.size());

    for (int i = 0; i < fds.size(); ++i) {
+        struct stat s{};
+        if (fstat(fds[i], &s) != 0 || !S_ISREG(s.st_mode)) {
+            close(fds[i]);
+            continue;
+        }
        android_dlextinfo info {
            .flags = ANDROID_DLEXT_USE_LIBRARY_FD,
            .library_fd = fds[i],
--- a/native/jni/zygisk/main.cpp
+++ b/native/jni/zygisk/main.cpp
@ -114,14 +114,17 @@ static void zygiskd(int socket) {
        vector<int> module_fds = recv_fds(socket);
        for (int fd : module_fds) {
            comp_entry entry = nullptr;
-            android_dlextinfo info {
-                    .flags = ANDROID_DLEXT_USE_LIBRARY_FD,
-                    .library_fd = fd,
-            };
-            if (void *h = android_dlopen_ext("/jit-cache", RTLD_LAZY, &info)) {
-                *(void **) &entry = dlsym(h, "zygisk_companion_entry");
-            } else {
-                LOGW("Failed to dlopen zygisk module: %s\n", dlerror());
+            struct stat s{};
+            if (fstat(fd, &s) == 0 && S_ISREG(s.st_mode)) {
+                android_dlextinfo info {
+                        .flags = ANDROID_DLEXT_USE_LIBRARY_FD,
+                        .library_fd = fd,
+                };
+                if (void *h = android_dlopen_ext("/jit-cache", RTLD_LAZY, &info)) {
+                    *(void **) &entry = dlsym(h, "zygisk_companion_entry");
+                } else {
+                    LOGW("Failed to dlopen zygisk module: %s\n", dlerror());
+                }
            }
            modules.push_back(entry);
            close(fd);