From 8938ed2c8e906fc332301b64787728d4d34da571 Mon Sep 17 00:00:00 2001
From: Dianne Hackborn
Date: Wed, 28 Sep 2011 23:19:47 -0400
Subject: [PATCH] Add mechanism for Parcel to not allow FDs to be written to it.

This is to help implement issue #5224703.

Change-Id: I026a5890495537d15b57fe61227a640aac806d46
---
 include/binder/Parcel.h | 5 ++++-
 include/utils/Errors.h | 1 +
 libs/binder/Parcel.cpp | 19 ++++++++++++++++++-
 3 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/include/binder/Parcel.h b/include/binder/Parcel.h
index bfe13f01b..57f5dd22e 100644
--- a/include/binder/Parcel.h
+++ b/include/binder/Parcel.h
@@ -46,7 +46,7 @@ public:
 size_t dataAvail() const;
 size_t dataPosition() const;
 size_t dataCapacity() const;
-
+
 status_t setDataSize(size_t size);
 void setDataPosition(size_t pos) const;
 status_t setDataCapacity(size_t size);
@@ -56,6 +56,8 @@ public:
 status_t appendFrom(const Parcel *parcel, size_t start, size_t len);
+ bool setAllowFds(bool allowFds);
+
 bool hasFileDescriptors() const;
 // Writes the RPC header.
@@ -212,6 +214,7 @@ private:
 mutable bool mFdsKnown;
 mutable bool mHasFds;
+ bool mAllowFds;
 release_func mOwner;
 void* mOwnerCookie;
diff --git a/include/utils/Errors.h b/include/utils/Errors.h
index 81f818b75..0b75b1926 100644
--- a/include/utils/Errors.h
+++ b/include/utils/Errors.h
@@ -72,6 +72,7 @@ enum {
 TIMED_OUT = 0x80000005,
 UNKNOWN_TRANSACTION = 0x80000006,
 #endif
+ FDS_NOT_ALLOWED = 0x80000007,
 };
 // Restore define; enumeration is in "android" namespace, so the value defined
diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp
index a0fc4d05b..8eeab7aef 100644
--- a/libs/binder/Parcel.cpp
+++ b/libs/binder/Parcel.cpp
@@ -399,6 +399,8 @@ status_t Parcel::appendFrom(const Parcel *parcel, size_t offset, size_t len)
 mDataPos += len;
 mDataSize += len;
+ err = NO_ERROR;
+
 if (numObjects > 0) {
 // grow objects
 if (mObjectsCapacity < mObjectsSize + numObjects) {
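Review bot: `setAllowFds` is declared in the second Parcel.h hunk (`@@ -56,6 +56,8 @@`) with no comment, so the header does not say what the `bool` it returns means. The definition added in Parcel.cpp returns the previous setting, which callers need to know if they are to restore it after a restricted write. I would add above the declaration: `// Sets whether file descriptors may be written to this Parcel; returns the previous setting so the caller can restore it.` It would also help to name `FDS_NOT_ALLOWED` there as the status that rejected writes produce.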
@@ -430,11 +432,21 @@ status_t Parcel::appendFrom(const Parcel *parcel, size_t offset, size_t len)
 flat->handle = dup(flat->handle);
 flat->cookie = (void*)1;
 mHasFds = mFdsKnown = true;
+ if (!mAllowFds) {
+ err = FDS_NOT_ALLOWED;
+ }
 }
 }
 }
- return NO_ERROR;
+ return err;
+}
+
+bool Parcel::setAllowFds(bool allowFds)
+{
+ const bool origValue = mAllowFds;
+ mAllowFds = allowFds;
+ return origValue;
 }
 bool Parcel::hasFileDescriptors() const
@@ -759,6 +771,9 @@ restart_write:
 // remember if it's a file descriptor
 if (val.type == BINDER_TYPE_FD) {
+ if (!mAllowFds) {
+ return FDS_NOT_ALLOWED;
+ }
 mHasFds = mFdsKnown = true;
 }
@@ -1283,6 +1298,7 @@ status_t Parcel::restartWrite(size_t desired)
 mNextObjectHint = 0;
 mHasFds = false;
 mFdsKnown = true;
+ mAllowFds = true;
 return NO_ERROR;
 }
@@ -1434,6 +1450,7 @@ void Parcel::initState()
 mNextObjectHint = 0;
 mHasFds = false;
 mFdsKnown = true;
+ mAllowFds = true;
 mOwner = NULL;
 }
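Review bot: In `appendFrom` (hunk `@@ -430,11 +432,21 @@`), the `!mAllowFds` check added after `mHasFds = mFdsKnown = true;` only records `FDS_NOT_ALLOWED` in `err`. By that point the descriptor has already been duplicated with `dup()`, and the earlier hunk (`@@ -399,6 +399,8 @@`) shows `mDataPos` and `mDataSize` already advanced, so the parcel holds the descriptor even though the call reports failure. A caller that ignores the status, or keeps using the parcel after the error, would still carry the FD the flag was meant to keep out. Refusing before anything is copied would leave the parcel unchanged on rejection: when `!mAllowFds`, check the source objects in the requested range for `BINDER_TYPE_FD` and return `FDS_NOT_ALLOWED` ahead of the data append. The start of the function and the loop header are outside both hunks, so the placement needs confirming against the full body.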
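Review bot: The early `return FDS_NOT_ALLOWED;` under `restart_write:` (hunk `@@ -759,6 +771,9 @@`) runs after whatever the function does above this hunk, and nothing is undone on that path. If the object has already been stored in the data buffer or entered in the object table by then (not visible here), the parcel keeps a descriptor entry that `mHasFds` does not reflect. The test depends only on `val`, so `if (val.type == BINDER_TYPE_FD && !mAllowFds) return FDS_NOT_ALLOWED;` could sit before any state is modified. The function begins and ends outside the hunk.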
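Review bot: `restartWrite` (hunk `@@ -1283,6 +1298,7 @@`) sets `mAllowFds = true;` unconditionally, so a restriction applied with `setAllowFds(false)` is silently lifted whenever the parcel is restarted. The same assignment in `initState` (hunk `@@ -1434,6 +1450,7 @@`) is the expected default for a fresh object, but in `restartWrite` it changes policy on an object the caller may still consider restricted. If the reset is intended, say so at the assignment, e.g. `// a restarted Parcel accepts FDs again; callers must re-apply setAllowFds(false)`; otherwise leave the flag untouched there. Both function bodies start outside their hunks.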