Use external/safe-iop to check for overflows on arithmetic
operations.
Also remove an unnecessary copy of Vector/SharedBuffer from
codeflinger and use the copy from libutils instead.
Note that some of the unit tests are somewhat useless due to
test-runner limitations : gtest's ability to filter on abort message
doesn't work when combined with messages formatted by android's logging
system.
bug: 22953624
(cherry picked from commit c609c31fb5)
Change-Id: I61644633db6b54fa230683615de9724f7fabf6fb
CYGWIN is not supported, USE_MINGW and HOST_OS==windows are being
replaced with LOCAL_..._windows variables.
Bug: 23566667
Change-Id: I3e4a1e4097dc994cf5abdce6939e83a91758fd75
Use external/safe-iop to check for overflows on arithmetic
operations.
Also remove an unnecessary copy of Vector/SharedBuffer from
codeflinger and use the copy from libutils instead.
Note that some of the unit tests are somewhat useless due to
test-runner limitations : gtest's ability to filter on abort message
doesn't work when combined with messages formatted by android's logging
system.
bug: 22953624
Change-Id: I46b1ae8ca1f3a010be13aca36a091e76a97a7b70
j is a ssize_t, which can go negative. If it goes negative,
the resulting multiplication of mItemSize*j doesn't make
any sense. Since the value is never used, just don't perform
the calculation if j < 0.
Bug: 23607865
Change-Id: I14f6f6506645d582f7d67a2e2d60ead3cb18b957
* Hashing functions rely on integer overflow behavior.
Mark those functions as safe.
* abort() if a passed in size_t value is greater than
UINT32_MAX. This can occur on 64 bit builds where size_t
is larger than uint32_t.
* Special case the index lookup for an empty sorted vector.
Without the special case, size() == 0, and size()-1 underflows.
Change-Id: I343a14b589fc8f0d221c1998ae5d6f0b9e2781f8
It's easier for people to debug, and side-steps the problem that errno
values differ between architectures.
Bug: http://b/17458391
Change-Id: I1db9b2cbb653839d3936b91e37e5cff02671318a
Sometimes it seems like we can get into a situation where we are
unable to remove an fd from the epoll set but it keeps sending us
events anyhow. Defensively rebuild the epoll set in this case
to prevent us from spinning forever.
Bug: 21271428
Change-Id: I5607e565f2e12460d7113a1f62a70d38d334e271
Add a build id field to the header structure in blob cache. Add build
id support with reading and writing the cache. When the cache gets
written it writes the build id at the end of the header. When read it
checks to see if there is a match between the current version and the
version in the cache. If not, it invalidates the cache which would
typically only occur during an ota update. Also remove blob cache
from the host build.
bug: 18262905
Change-Id: I753b1de1986703a4c1c8691b9d2bb533b2546143
When a file descriptor is closed before removing it from the
epoll set, it will normally be removed automatically from the
epoll set by the kernel. However if there exists a duplicate
then the original file descriptor may remain in the set and
continue to receive events until all duplicates have been closed.
Unfortunately due to kernel limitations we need to rebuild the epoll
set from scratch because it may contain an old file handle that we are
now unable to remove since its file descriptor is no longer valid.
No such problem would have occurred if we were using the poll system
call instead, but that approach carries others disadvantages.
Bug: 19715279
Change-Id: If1ab8ebda0825755a416d513e888942a02ee3948
Added code to protect against situations that may occur when a
Looper callback has the side-effect of closing the file descriptor that
it is watching before it returns. This code pattern is very
convenient for implementation but it does expose issues in how
the list of callbacks is maintained. In particular, we
need to watch out for file descriptors which have been reused.
This change may resolve previously unexplained ANRs associated with
log messages such as: "Error modifying epoll events for fd 44, errno=2"
Bug: 10349083
Change-Id: I20eedf6ffbdeda382653ca0104962505194741b0
The loop isn't technically idle at this time, it's just checking
whether any file descriptors have pending events. However it's
still a good signal as to whether the loop is alive.
Bug: 19532373
Change-Id: I555c473e70ffd8a56e1b10aa60026eb674a16de9
Nobody ever called acquire() so release() was always
equivalent to delete. Just use delete instead so that
people can use unique_ptr directly (or shared_ptr if
they really want refcounts).
Change-Id: I9e3ad5e0f6a4fcc4e02e5a2ff7ef9514fe234415
The reference to NOT_USING_KLIBC appears to be the only one
in our codebase. This change also removes some cygwin specific
retry logic - all other supported platforms in this section
of the code should support mapping at an offset.
Note that i've reversed the sense of the check, we always sysconf
since that's recommended practice.
Change-Id: Ib985fb665193d7a07a282f7092cd77c0bc508a66
The actual bug is == instead of !=, but the real cause was me trying to be
too clever. This patch switches to much simpler code, and -- since the
intended use of this code is security anyway -- adds logging if anything
goes wrong.
Bug: 19361774
Change-Id: If2af07d31a5002f9010b838247b691f6b28bdfb1
This isn't particularly useful in and of itself, but it does introduce the
first (trivial) unit test, improves the documentation (including details
about how to debug init crashes), and made me aware of how unpleasant the
existing parser is.
I also fixed a bug in passing --- unless you thought the "peboot" and "pm"
commands were features...
Bug: 19217569
Change-Id: I6ab76129a543ce3ed3dab52ef2c638009874c3de
Only two days in, and I'm already really regretting putting this code
somewhere that builds for Mac OS and Windows...
Change-Id: I576ee4a9e647e10dc2d47c7e1e38aedee2bf404c
I knew I should have created a new library that doesn't build for the
Mac or Windows rather than adding to libutils...
Change-Id: I7c07eaa93affb7e83d4da384f03652c39065562a
Removed LOCAL_C_INCLUDES as the external/zlib headers are no longer
referenced by anything in libutils.
Removed unused host_commonLdlibs build variable. This was referenced
by the lib64utils host target which was removed in commit 03cc1f747
Tested compiling some of the projects that make use of libcutils
using a clean out dir with the folllowing targets
aosp_arm-eng : make -j16 logd dexdump
aosp-flouder-userdebug : make -j16 keystore vold libjavacore logd
aosp-x86_64-eng : make -j16 keystore vold libjavacore logd dexdump
Change-Id: I663e52bbf28dde27866dad9429bf95ada6b594a5
The implementation of the FileMap destructor would
close the file, only on Windows, which did not match
the behavior on mac/linux.
This is because calling munmap does not close the file
descriptor. It must be closed separately, before or after
munmap.
On Windows, the file must also be closed manually,
before or after closing the mappingFile.
The change basically removes the closing file from
the windows-specific part of the destructor, to
make behavior more consistent on all platforms
where the caller to FileMap is responsible for closing
its own file (since FileMap receives an opened file).
Change-Id: I5e3cfffbb870d5f3595802ccac57dbc1dbf1ce6e
