From b414255f53b560a06e642251535b019327ba0d7b Mon Sep 17 00:00:00 2001 From: Naveen Leekha Date: Tue, 22 Sep 2015 18:04:44 -0700 Subject: [PATCH] Initialize local variables to avoid data leak The uninitialized local variables pick up whatever the memory content was there on stack. This data gets sent to the remote process in case of a failed transaction, which is a security issue. Fixed. (Partial manual merge of master change 12ba0f57d028a9c8f4eb3afddc326b70677d1e0c. Rest to automerge from klp-dev) For b/23696300 Change-Id: I704c9fab327b3545c58e8a9a96ac542eb7469c2a --- libs/gui/IGraphicBufferProducer.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libs/gui/IGraphicBufferProducer.cpp b/libs/gui/IGraphicBufferProducer.cpp index 1e28f9bb8..dd9db3378 100644 --- a/libs/gui/IGraphicBufferProducer.cpp +++ b/libs/gui/IGraphicBufferProducer.cpp @@ -344,7 +344,7 @@ status_t BnGraphicBufferProducer::onTransact( CHECK_INTERFACE(IGraphicBufferProducer, data, reply); sp buffer = new GraphicBuffer(); data.read(*buffer.get()); - int slot; + int slot = 0; int result = attachBuffer(&slot, buffer); reply->writeInt32(slot); reply->writeInt32(result);