am 67903293
: Fix "Binder: Make sure binder objects do not overlap" to work old binder kernel interface
* commit '6790329358d1c84af2fe9ba093bcfc1c6176e758': Fix "Binder: Make sure binder objects do not overlap" to work old binder kernel interface
This commit is contained in:
commit
d06f6b0014
@ -1318,7 +1318,7 @@ size_t Parcel::ipcObjectsCount() const
|
|||||||
void Parcel::ipcSetDataReference(const uint8_t* data, size_t dataSize,
|
void Parcel::ipcSetDataReference(const uint8_t* data, size_t dataSize,
|
||||||
const size_t* objects, size_t objectsCount, release_func relFunc, void* relCookie)
|
const size_t* objects, size_t objectsCount, release_func relFunc, void* relCookie)
|
||||||
{
|
{
|
||||||
binder_size_t minOffset = 0;
|
size_t minOffset = 0;
|
||||||
freeDataNoInit();
|
freeDataNoInit();
|
||||||
mError = NO_ERROR;
|
mError = NO_ERROR;
|
||||||
mData = const_cast<uint8_t*>(data);
|
mData = const_cast<uint8_t*>(data);
|
||||||
@ -1332,10 +1332,10 @@ void Parcel::ipcSetDataReference(const uint8_t* data, size_t dataSize,
|
|||||||
mOwner = relFunc;
|
mOwner = relFunc;
|
||||||
mOwnerCookie = relCookie;
|
mOwnerCookie = relCookie;
|
||||||
for (size_t i = 0; i < mObjectsSize; i++) {
|
for (size_t i = 0; i < mObjectsSize; i++) {
|
||||||
binder_size_t offset = mObjects[i];
|
size_t offset = mObjects[i];
|
||||||
if (offset < minOffset) {
|
if (offset < minOffset) {
|
||||||
ALOGE("%s: bad object offset %"PRIu64" < %"PRIu64"\n",
|
ALOGE("%s: bad object offset %zu < %zu\n",
|
||||||
__func__, (uint64_t)offset, (uint64_t)minOffset);
|
__func__, offset, minOffset);
|
||||||
mObjectsSize = 0;
|
mObjectsSize = 0;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user