tequilaOS/platform_system_core
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

libsysutils: Fix vold vulnerability in FrameworkListener

Browse source 
Don't release the sender socket when FrameworkListener receives
a command that exceed the maximum buffer length

Bug: https://issuetracker.google.com/issues/62812018
Test: manual

Change-Id: I160f504f3fb902ba25fc79deb8ae7d78d811a807
This commit is contained in:
NIEJuhu 2017-06-10 13:20:41 +08:00 committed by Juhu Nie
parent 4c28ca1ac8
commit d3c86412ad
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
libsysutils/src/FrameworkListener.cpp
View file

@ -68,7 +68,7 @@ bool FrameworkListener::onDataAvailable(SocketClient *c) {
android_errorWriteLog(0x534e4554, "29831647");
c->sendMsg(500, "Command too large for buffer", false);
mSkipToNextNullByte = true;
return false;
return true;
}
int offset = 0;