ADHOC/replicant-frameworks_native
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix potential format string vulnerability

Browse Source 
A sensor name containing a format string could have interesting side
effects...

Change-Id: If7f1378aa68572d9716c339728eab18faa6b9f2a
Signed-off-by: Bernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org>
This commit is contained in:
Bernhard Rosenkränzer 2014-11-17 21:06:20 +01:00 committed by Chih-Hung Hsieh
parent 2e42a90653
commit 5f6199373d
1 changed files with 3 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
services/sensorservice/SensorService.cpp
View File

@ -617,12 +617,9 @@ Vector<Sensor> SensorService::getSensorList()
if (canAccessSensor(sensor)) {
accessibleSensorList.add(sensor);
} else {
String8 infoMessage;
infoMessage.appendFormat(
"Skipped sensor %s because it requires permission %s",
sensor.getName().string(),
sensor.getRequiredPermission().string());
ALOGI(infoMessage.string());
ALOGI("Skipped sensor %s because it requires permission %s",
sensor.getName().string(),
sensor.getRequiredPermission().string());
}
}
return accessibleSensorList;