Fix null pointer deref in libsensor SensorServer

When trying to create a sensor direct connection, check that native
handle resource is not null, and if so return BAD_VALUE error.

Bug: 135051254
Test: Load onto device and try "service call sensorservice 5"
commands that have no arguments and random arguments. Both throw new error
and do not crash system as hoped.

Change-Id: Ie2eaf1a17843da89927293e408768bfbaaf86ec8
Stan Rokita 2019-07-30 14:23:49 -07:00
parent 61eba0db9d
commit 2249c88ec5

@ -199,6 +199,10 @@ status_t BnSensorServer::onTransact(
int32_t type = data.readInt32();
int32_t format = data.readInt32();
native_handle_t *resource = data.readNativeHandle();
// Avoid a crash in native_handle_close if resource is nullptr
if (resource == nullptr) {
return BAD_VALUE;
}
sp<ISensorEventConnection> ch =
createSensorDirectConnection(opPackageName, size, type, format, resource);
native_handle_close(resource);
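
Review bot: the comment on the new `if (resource == nullptr)` check names only `native_handle_close`, but the same null handle would also be passed to `createSensorDirectConnection` on the lines that follow, so the comment should say the handle is rejected before either use. The check itself sits in the right place, directly after `data.readNativeHandle()` and before both calls. The test described in the commit message is a manual `service call sensorservice 5` run; consider adding an automated regression test that sends this transaction with an empty parcel and expects `BAD_VALUE`, so the guard cannot be dropped unnoticed in a later refactor.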