Merge "logger: validate hdr_size field in logger entry"
diff --git a/adb/socket_test.cpp b/adb/socket_test.cpp
index d2ce2d8..2bb01a3 100644
--- a/adb/socket_test.cpp
+++ b/adb/socket_test.cpp
@@ -254,10 +254,7 @@
ASSERT_TRUE(adb_thread_create(reinterpret_cast<void (*)(void*)>(ClientThreadFunc), nullptr,
&client_thread));
- struct sockaddr addr;
- socklen_t alen;
- alen = sizeof(addr);
- int accept_fd = adb_socket_accept(listen_fd, &addr, &alen);
+ int accept_fd = adb_socket_accept(listen_fd, nullptr, nullptr);
ASSERT_GE(accept_fd, 0);
CloseRdHupSocketArg arg;
arg.socket_fd = accept_fd;
diff --git a/debuggerd/debuggerd.cpp b/debuggerd/debuggerd.cpp
index c578d65..5550bc0 100644
--- a/debuggerd/debuggerd.cpp
+++ b/debuggerd/debuggerd.cpp
@@ -821,12 +821,8 @@
ALOGI("debuggerd: starting\n");
for (;;) {
- sockaddr_storage ss;
- sockaddr* addrp = reinterpret_cast<sockaddr*>(&ss);
- socklen_t alen = sizeof(ss);
-
ALOGV("waiting for connection\n");
- int fd = accept4(s, addrp, &alen, SOCK_CLOEXEC | SOCK_NONBLOCK);
+ int fd = accept4(s, nullptr, nullptr, SOCK_CLOEXEC | SOCK_NONBLOCK);
if (fd == -1) {
ALOGE("accept failed: %s\n", strerror(errno));
continue;
diff --git a/debuggerd/tombstone.cpp b/debuggerd/tombstone.cpp
index e80bc25..3ddd2b0 100644
--- a/debuggerd/tombstone.cpp
+++ b/debuggerd/tombstone.cpp
@@ -56,8 +56,13 @@
#define TOMBSTONE_DIR "/data/tombstones"
#define TOMBSTONE_TEMPLATE (TOMBSTONE_DIR"/tombstone_%02d")
-static bool signal_has_si_addr(int sig) {
- switch (sig) {
+static bool signal_has_si_addr(int si_signo, int si_code) {
+ // Manually sent signals won't have si_addr.
+ if (si_code == SI_USER || si_code == SI_QUEUE || si_code == SI_TKILL) {
+ return false;
+ }
+
+ switch (si_signo) {
case SIGBUS:
case SIGFPE:
case SIGILL:
@@ -185,7 +190,7 @@
}
char addr_desc[32]; // ", fault addr 0x1234"
- if (signal_has_si_addr(si.si_signo)) {
+ if (signal_has_si_addr(si.si_signo, si.si_code)) {
snprintf(addr_desc, sizeof(addr_desc), "%p", si.si_addr);
} else {
snprintf(addr_desc, sizeof(addr_desc), "--------");
@@ -359,7 +364,7 @@
siginfo_t si;
memset(&si, 0, sizeof(si));
if (ptrace(PTRACE_GETSIGINFO, tid, 0, &si) != -1) {
- print_fault_address_marker = signal_has_si_addr(si.si_signo);
+ print_fault_address_marker = signal_has_si_addr(si.si_signo, si.si_code);
addr = reinterpret_cast<uintptr_t>(si.si_addr);
} else {
ALOGE("Cannot get siginfo for %d: %s\n", tid, strerror(errno));
diff --git a/include/cutils/ashmem.h b/include/cutils/ashmem.h
index acedf73..d80caa6 100644
--- a/include/cutils/ashmem.h
+++ b/include/cutils/ashmem.h
@@ -20,6 +20,7 @@
extern "C" {
#endif
+int ashmem_valid(int fd);
int ashmem_create_region(const char *name, size_t size);
int ashmem_set_prot_region(int fd, int prot);
int ashmem_pin_region(int fd, size_t offset, size_t len);
diff --git a/init/property_service.cpp b/init/property_service.cpp
index e2e1b16..9e13733 100644
--- a/init/property_service.cpp
+++ b/init/property_service.cpp
@@ -227,32 +227,29 @@
static void handle_property_set_fd()
{
prop_msg msg;
- int s;
int r;
- struct ucred cr;
- struct sockaddr_un addr;
- socklen_t addr_size = sizeof(addr);
- socklen_t cr_size = sizeof(cr);
char * source_ctx = NULL;
- struct pollfd ufds[1];
- const int timeout_ms = 2 * 1000; /* Default 2 sec timeout for caller to send property. */
- int nr;
- if ((s = accept(property_set_fd, (struct sockaddr *) &addr, &addr_size)) < 0) {
+ int s = accept(property_set_fd, nullptr, nullptr);
+ if (s == -1) {
return;
}
/* Check socket options here */
+ struct ucred cr;
+ socklen_t cr_size = sizeof(cr);
if (getsockopt(s, SOL_SOCKET, SO_PEERCRED, &cr, &cr_size) < 0) {
close(s);
PLOG(ERROR) << "Unable to receive socket options";
return;
}
+ static constexpr int timeout_ms = 2 * 1000; /* Default 2 sec timeout for caller to send property. */
+ struct pollfd ufds[1];
ufds[0].fd = s;
ufds[0].events = POLLIN;
ufds[0].revents = 0;
- nr = TEMP_FAILURE_RETRY(poll(ufds, 1, timeout_ms));
+ int nr = TEMP_FAILURE_RETRY(poll(ufds, 1, timeout_ms));
if (nr == 0) {
LOG(ERROR) << "sys_prop: timeout waiting for uid " << cr.uid << " to send property message.";
close(s);
diff --git a/libcutils/ashmem-dev.c b/libcutils/ashmem-dev.c
index 4a07d66..09fa09a 100644
--- a/libcutils/ashmem-dev.c
+++ b/libcutils/ashmem-dev.c
@@ -85,7 +85,7 @@
}
/* Make sure file descriptor references ashmem, negative number means false */
-static int __ashmem_is_ashmem(int fd)
+static int __ashmem_is_ashmem(int fd, int fatal)
{
dev_t rdev;
struct stat st;
@@ -117,22 +117,29 @@
}
}
- if (rdev) {
- LOG_ALWAYS_FATAL("illegal fd=%d mode=0%o rdev=%d:%d expected 0%o %d:%d",
- fd, st.st_mode, major(st.st_rdev), minor(st.st_rdev),
- S_IFCHR | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IRGRP,
- major(rdev), minor(rdev));
- } else {
- LOG_ALWAYS_FATAL("illegal fd=%d mode=0%o rdev=%d:%d expected 0%o",
- fd, st.st_mode, major(st.st_rdev), minor(st.st_rdev),
- S_IFCHR | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IRGRP);
+ if (fatal) {
+ if (rdev) {
+ LOG_ALWAYS_FATAL("illegal fd=%d mode=0%o rdev=%d:%d expected 0%o %d:%d",
+ fd, st.st_mode, major(st.st_rdev), minor(st.st_rdev),
+ S_IFCHR | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IRGRP,
+ major(rdev), minor(rdev));
+ } else {
+ LOG_ALWAYS_FATAL("illegal fd=%d mode=0%o rdev=%d:%d expected 0%o",
+ fd, st.st_mode, major(st.st_rdev), minor(st.st_rdev),
+ S_IFCHR | S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IRGRP);
+ }
+ /* NOTREACHED */
}
- /* NOTREACHED */
errno = ENOTTY;
return -1;
}
+int ashmem_valid(int fd)
+{
+ return __ashmem_is_ashmem(fd, 0) >= 0;
+}
+
/*
* ashmem_create_region - creates a new ashmem region and returns the file
* descriptor, or <0 on error
@@ -175,7 +182,7 @@
int ashmem_set_prot_region(int fd, int prot)
{
- int ret = __ashmem_is_ashmem(fd);
+ int ret = __ashmem_is_ashmem(fd, 1);
if (ret < 0) {
return ret;
}
@@ -187,7 +194,7 @@
{
struct ashmem_pin pin = { offset, len };
- int ret = __ashmem_is_ashmem(fd);
+ int ret = __ashmem_is_ashmem(fd, 1);
if (ret < 0) {
return ret;
}
@@ -199,7 +206,7 @@
{
struct ashmem_pin pin = { offset, len };
- int ret = __ashmem_is_ashmem(fd);
+ int ret = __ashmem_is_ashmem(fd, 1);
if (ret < 0) {
return ret;
}
@@ -209,7 +216,7 @@
int ashmem_get_size_region(int fd)
{
- int ret = __ashmem_is_ashmem(fd);
+ int ret = __ashmem_is_ashmem(fd, 1);
if (ret < 0) {
return ret;
}
diff --git a/libsysutils/src/SocketListener.cpp b/libsysutils/src/SocketListener.cpp
index 4d602a6..608abae 100644
--- a/libsysutils/src/SocketListener.cpp
+++ b/libsysutils/src/SocketListener.cpp
@@ -199,16 +199,7 @@
continue;
}
if (mListen && FD_ISSET(mSock, &read_fds)) {
- sockaddr_storage ss;
- sockaddr* addrp = reinterpret_cast<sockaddr*>(&ss);
- socklen_t alen;
- int c;
-
- do {
- alen = sizeof(ss);
- c = accept4(mSock, addrp, &alen, SOCK_CLOEXEC);
- SLOGV("%s got %d from accept", mSocketName, c);
- } while (c < 0 && errno == EINTR);
+ int c = TEMP_FAILURE_RETRY(accept4(mSock, nullptr, nullptr, SOCK_CLOEXEC));
if (c < 0) {
SLOGE("accept failed (%s)", strerror(errno));
sleep(1);
diff --git a/lmkd/lmkd.c b/lmkd/lmkd.c
index 37fbdb8..733b784 100644
--- a/lmkd/lmkd.c
+++ b/lmkd/lmkd.c
@@ -410,9 +410,6 @@
}
static void ctrl_connect_handler(uint32_t events __unused) {
- struct sockaddr_storage ss;
- struct sockaddr *addrp = (struct sockaddr *)&ss;
- socklen_t alen;
struct epoll_event epev;
if (ctrl_dfd >= 0) {
@@ -420,8 +417,7 @@
ctrl_dfd_reopened = 1;
}
- alen = sizeof(ss);
- ctrl_dfd = accept(ctrl_lfd, addrp, &alen);
+ ctrl_dfd = accept(ctrl_lfd, NULL, NULL);
if (ctrl_dfd < 0) {
ALOGE("lmkd control socket accept failed; errno=%d", errno);