ADHOC/replicant-frameworks_native
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

BQ: Add permission check to BufferQueueConsumer::dump

Browse Source 
Bug 27046057

Change-Id: Id7bd8cf95045b497943ea39dde49e877aa6f5c4e
This commit is contained in:
Pablo Ceballos 2016-02-11 18:01:49 -08:00 committed by The Android Automerger
parent 6df23e81f7
commit 28a83d4206
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libs/gui/BufferQueueConsumer.cpp
View File

@ -26,6 +26,10 @@
#include <gui/IConsumerListener.h>
#include <gui/IProducerListener.h>
#include <binder/IPCThreadState.h>
#include <binder/PermissionCache.h>
#include <private/android_filesystem_config.h>
namespace android {
BufferQueueConsumer::BufferQueueConsumer(const sp<BufferQueueCore>& core) :
@ -572,7 +576,17 @@ sp<NativeHandle> BufferQueueConsumer::getSidebandStream() const {
}
void BufferQueueConsumer::dump(String8& result, const char* prefix) const {
mCore->dump(result, prefix);
const IPCThreadState* ipc = IPCThreadState::self();
const pid_t pid = ipc->getCallingPid();
const uid_t uid = ipc->getCallingUid();
if ((uid != AID_SHELL)
&& !PermissionCache::checkPermission(String16(
"android.permission.DUMP"), pid, uid)) {
result.appendFormat("Permission Denial: can't dump BufferQueueConsumer "
"from pid=%d, uid=%d\n", pid, uid);
} else {
mCore->dump(result, prefix);
}
}
} // namespace android