The uninitialized local variables pick up
whatever the memory content was there on stack.
This data gets sent to the remote process in
case of a failed transaction, which is a security
issue. Fixed.
(Partial manual merge of master change
12ba0f57d028a9c8f4eb3afddc326b70677d1e0c. Rest
to automerge from klp-dev)
For b/23696300
Change-Id: I704c9fab327b3545c58e8a9a96ac542eb7469c2a
The uninitialized local variables pick up
whatever the memory content was there on stack.
This data gets sent to the remote process in
case of a failed transaction, which is a security
issue. Fixed.
(Manual merge of master change
12ba0f57d028a9c8f4eb3afddc326b70677d1e0c )
For b/23696300
Change-Id: I665212d10da56f0803b5bb772d14c77e632ba2ab
When appending one parcel's contents to another, ignore binder
objects within the source Parcel that appear to lie beyond the
formal bounds of that Parcel's data buffer.
Bug 17312693
Change-Id: If592a260f3fcd9a56fc160e7feb2c8b44c73f514
(cherry picked from commit 27182be9f2)
When appending one parcel's contents to another, ignore binder
objects within the source Parcel that appear to lie beyond the
formal bounds of that Parcel's data buffer.
Bug 17312693
Change-Id: If592a260f3fcd9a56fc160e7feb2c8b44c73f514
(cherry picked from commit 27182be9f2)
When appending one parcel's contents to another, ignore binder
objects within the source Parcel that appear to lie beyond the
formal bounds of that Parcel's data buffer.
Bug 17312693
Change-Id: If592a260f3fcd9a56fc160e7feb2c8b44c73f514
(cherry picked from commit 27182be9f2)
The inputs to native_handle_create can cause an overflowed allocation,
so check the return value of native_handle_create before accessing
the memory it returns.
Bug:19334482
Change-Id: I1f489382776c2a1390793a79dc27ea17baa9b2a2
(cherry picked from commit eaac99a717)
There shouldn't be more than 4096 fds (probably signficantly smaller) and
there shouldn't be more than 4096 ints.
Bug: 18076253
Change-Id: I3a3e50ee3078a4710e9737114e65afc923ed0573
This seems to have the same layout as OMX_COLOR_FormatYUV420SemiPlanar,
but used under this value on some devices.
Bug: 19246722
Change-Id: Ib866024e52cf7b12608f02eefc43c6d58a1c0aa1
Replace the global lock in terminate for the ref count check with atomics and a
local lock.
Bug: 19072064
Change-Id: I0cfd6564e227a75b8387a8788b16381d5bc2cc88
This tracks fds when layers are created and destroyed in an effort to
determine which specific app (if any) is active when fds are leaked
Bug: 19017008
Change-Id: I1f1d5a9cbc1399e3df3a2d350324f80b3a4e3477
Use the native stack dumping functions that allows time outs. If
debuggerd locks up, before a bugreport would hang forever. Now
it will timeout properly and still get all of the other information.
Bug: 18766581
Change-Id: I85053b8dcfe6224e2b64b4d8f7f2ef448b3cda34
The previous version printed out the nanoseconds elapsed, not seconds.
Bug: 18766581
(cherry picked from commit 67c5a8af9e)
Change-Id: Icbaaee83a92767694fd98e3c790f36f4d24681b0
Prevents apps hitting oome due to old linear alloc objects being
allocated in the java heap causing the heap to be larger than it
used to be.
Bug: 18707227
Change-Id: Ia49a7e6b24ae9fba1961d600d4599c17313b556b
Use LOCAL_WHOLE_STATIC_LIBRARIES to instruct static linker
to export symbols from the static library.
(cherry picked from commit 4340a14fbf)
Bug: 18701723
Change-Id: I70f6fdb64b0d1adbadf96c8de85870a903ec186a
"Do less work when using PTS" broke the invalidate path up from HWC
to SurfaceFlinger. When HWC would signal an invalidate, SurfaceFinger
would wake up, see no new buffers, and go back to sleep. This is fine,
except when the invalidate is a result of an HDMI hotplug, in which
case the screen remains blank. This change makes that functionality
work again.
Bug: 18564815
Bug: 18558468
Change-Id: I2e2171d86839945f4e4e6555d66f7e2895bd096a
