Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / frameworks / native / d1c87d37025c49f6a47fe43328572da495ff04c1^1..d1c87d37025c49f6a47fe43328572da495ff04c1 / .
commitd1c87d37025c49f6a47fe43328572da495ff04c1[log] [tgz]
authorArve Hjønnevåg <arve@android.com>Fri Feb 21 23:45:01 2014 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>Fri Feb 21 23:45:01 2014 +0000
tree8dcd37a4da5ec0305626c34fd71133de7b984b3e
parent9076fa78d2541fa14253aaf08e6445fafa17e35b [diff]
parent07fd0f195db6d341cab4e54257f508d802c98832 [diff]
Merge changes I3432d9d3,I90fcf538,I64398603

* changes:
  Binder: Fix some valgrind errors.
  Binder: Don't cast directly from a pointer to binder_uintptr_t
  Binder: Disable attemptIncStrongHandle

diff --git a/libs/binder/IPCThreadState.cpp b/libs/binder/IPCThreadState.cpp
index cb42549..35dba12 100644
--- a/libs/binder/IPCThreadState.cpp
+++ b/libs/binder/IPCThreadState.cpp

@@ -635,6 +635,7 @@
 
 status_t IPCThreadState::attemptIncStrongHandle(int32_t handle)
 {
+#if HAS_BC_ATTEMPT_ACQUIRE
     LOG_REMOTEREFS("IPCThreadState::attemptIncStrongHandle(%d)\n", handle);
     mOut.writeInt32(BC_ATTEMPT_ACQUIRE);
     mOut.writeInt32(0); // xxx was thread priority
@@ -649,6 +650,11 @@
 #endif
     
     return result;
+#else
+    (void)handle;
+    ALOGE("%s(%d): Not supported\n", __func__, handle);
+    return INVALID_OPERATION;
+#endif
 }
 
 void IPCThreadState::expungeHandle(int32_t handle, IBinder* binder)
@@ -898,6 +904,7 @@
 {
     binder_transaction_data tr;
 
+    tr.target.ptr = 0; /* Don't pass uninitialized stack data to a remote process */
     tr.target.handle = handle;
     tr.code = code;
     tr.flags = binderFlags;
@@ -915,7 +922,7 @@
         tr.flags |= TF_STATUS_CODE;
         *statusBuffer = err;
         tr.data_size = sizeof(status_t);
-        tr.data.ptr.buffer = reinterpret_cast<binder_uintptr_t>(statusBuffer);
+        tr.data.ptr.buffer = reinterpret_cast<uintptr_t>(statusBuffer);
         tr.offsets_size = 0;
         tr.data.ptr.offsets = 0;
     } else {

diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp
index 03bcf01..9f56def 100644
--- a/libs/binder/Parcel.cpp
+++ b/libs/binder/Parcel.cpp

@@ -164,6 +164,7 @@
             }
             const int32_t handle = proxy ? proxy->handle() : 0;
             obj.type = BINDER_TYPE_HANDLE;
+            obj.binder = 0; /* Don't pass uninitialized stack data to a remote process */
             obj.handle = handle;
             obj.cookie = 0;
         } else {
@@ -197,6 +198,7 @@
                 }
                 const int32_t handle = proxy ? proxy->handle() : 0;
                 obj.type = BINDER_TYPE_WEAK_HANDLE;
+                obj.binder = 0; /* Don't pass uninitialized stack data to a remote process */
                 obj.handle = handle;
                 obj.cookie = 0;
             } else {
@@ -748,6 +750,7 @@
     flat_binder_object obj;
     obj.type = BINDER_TYPE_FD;
     obj.flags = 0x7f | FLAT_BINDER_FLAG_ACCEPTS_FDS;
+    obj.binder = 0; /* Don't pass uninitialized stack data to a remote process */
     obj.handle = fd;
     obj.cookie = takeOwnership ? 1 : 0;
     return writeObject(obj, true);