linuxdeepin · deepin-bot · Mar 2, 2026 · Feb 28, 2026
diff --git a/service/diskmanagerservice.cpp b/service/diskmanagerservice.cpp
@@ -152,7 +152,12 @@ bool DiskManagerService::mount(const QString &mountpath)
         return false;
     }
 
-    QString invokerUid = QString::number(connection().interface()->serviceUid(message().service()).value());
+    QDBusReply<uint> uidReply = connection().interface()->serviceUid(message().service());
+    if (!uidReply.isValid()) {
+        qWarning() << "Failed to get invoker UID for mount, refusing operation";
+        return false;
+    }
+    QString invokerUid = QString::number(uidReply.value());
     return m_partedcore->mountAndWriteFstab(mountpath, invokerUid);
 }
 
@@ -502,16 +507,25 @@ bool DiskManagerService::checkAuthorization(void)
     QString actionId("com.deepin.pkexec.deepin-diskmanager");
     QString serviceName = message().service();
 
-    if (serviceName == m_frontEndDBusName ||
-        connection().interface()->serviceUid(serviceName).value() == 0 ||
-        PolicyKitHelper::instance()->checkAuthorization(actionId, serviceName)) {
-        qDebug() << "Authorization granted for service:" << serviceName;
+    if (serviceName == m_frontEndDBusName) {
+        qDebug() << "Authorization granted for frontend:" << serviceName;
+        return true;
+    }
+
+    QDBusReply<uint> uidReply = connection().interface()->serviceUid(serviceName);
+    if (uidReply.isValid() && uidReply.value() == 0) {
+        qDebug() << "Authorization granted for root user";
         return true;
-    } else {
-        qWarning() << "Authorization denied for service:" << serviceName;
-        sendErrorReply(QDBusError::AccessDenied);
-        return false;
     }
+
+    if (PolicyKitHelper::instance()->checkAuthorization(actionId, serviceName)) {
+        qDebug() << "Authorization granted via Polkit for service:" << serviceName;
+        return true;
+    }
+
+    qWarning() << "Authorization denied for service:" << serviceName;
+    sendErrorReply(QDBusError::AccessDenied);
+    return false;
 #endif
 }
 

diff --git a/service/diskoperation/filesystems/btrfs.cpp b/service/diskoperation/filesystems/btrfs.cpp
@@ -386,12 +386,7 @@ double Btrfs::btrfsSize2Double(QString &str)
         double num = numStr.toDouble();
         int index = str.indexOf(numStr);
         int pos = index + numStr.length();
-        if (pos < str.length()) {
-            qDebug() << "pos < str.length()";
-            char unit = str.at(pos).toLatin1();
-
-        }
-        char unit = str.at(pos).toLatin1();
+        char unit = (pos < str.length()) ? str.at(pos).toLatin1() : '\0';
         Byte_Value mult;
         switch (unit) {
             case 'K':	mult = KIBIBYTE ;	break ;

diff --git a/service/diskoperation/luksoperator/luksoperator.cpp b/service/diskoperation/luksoperator/luksoperator.cpp
@@ -5,10 +5,11 @@

 #include "luksoperator.h"
 #include "../fsinfo.h"
 #include <QFile>
+#include <QSaveFile>
 #include <QDir>
 #include <QDateTime>
 #include <QJsonDocument>
 #include <QJsonObject>
 #include <QProcess>
 #include <QTextStream>
@@ -668,6 +669,7 @@
         qDebug() << "open /etc/crypttab failed, return false";
         return false;
     }
+    QFileDevice::Permissions origPerm = file.permissions();
 
     // read crypttab
     bool findflag = false; //目前默认只改第一个发现的uuid findflag 标志位：是否已经查找到uuid
@@ -698,18 +700,23 @@
     }
     file.close();
 
-    //write crypttab
-    if (!file.open(QIODevice::ReadWrite | QIODevice::Truncate)) {
+    // 原子写入：先写临时文件，再 rename 到 /etc/crypttab，避免 TOCTOU 竞态
+    QSaveFile saveFile(QStringLiteral("/etc/crypttab"));
+    if (!saveFile.open(QIODevice::WriteOnly)) {
         qDebug() << "open /etc/crypttab for write failed, return false";
         return false;
     }
-
-    QTextStream out(&file);
+    QTextStream out(&saveFile);
     for (int i = 0; i < list.count(); i++) {
         out << list.at(i);
     }
     out.flush();
-    file.close();
+    if (!saveFile.commit()) {
+        qDebug() << "commit /etc/crypttab failed, return false";
+        return false;
+    }
+    // 恢复原文件权限，避免 QSaveFile 使用临时文件导致权限被 umask 改变
+    QFile::setPermissions(QStringLiteral("/etc/crypttab"), origPerm);
     qDebug() << "Successfully created key file:" << filePath;
     qDebug() << "LUKSOperator::wirteCrypttab END";
     return true;