Add log in MessageQueueBase for mismatch in payload size from MQDescriptor am: b00fb7d03e am: a2b53b09cd am: e15c1edbf3 am: a80ef9159c
Original change: https://android-review.googlesource.com/c/platform/system/libfmq/+/1439331
Change-Id: I8dca2d3f16e96f6598691904b11a31e4814e57ce
diff --git a/include/fmq/MessageQueueBase.h b/include/fmq/MessageQueueBase.h
index 4fe1c6c..0cb83a6 100644
--- a/include/fmq/MessageQueueBase.h
+++ b/include/fmq/MessageQueueBase.h
@@ -563,10 +563,16 @@
* the native_handle is valid and T matches quantum size.
*/
if ((mDesc == nullptr) || !mDesc->isHandleValid() ||
- (mDesc->countGrantors() < hardware::details::kMinGrantorCount) ||
- (mDesc->getQuantum() != sizeof(T))) {
+ (mDesc->countGrantors() < hardware::details::kMinGrantorCount)) {
return;
}
+ if (mDesc->getQuantum() != sizeof(T)) {
+ hardware::details::logError(
+ "Payload size differs between the queue instantiation and the "
+ "MQDescriptor.");
+ return;
+ }
+
const auto& grantors = mDesc->grantors();
for (const auto& grantor : grantors) {
if (hardware::details::isAlignedToWordBoundary(grantor.offset) == false) {
diff --git a/tests/fmq_unit_tests.cpp b/tests/fmq_unit_tests.cpp
index 718867b..d365054 100644
--- a/tests/fmq_unit_tests.cpp
+++ b/tests/fmq_unit_tests.cpp
@@ -268,6 +268,28 @@
*/
ASSERT_FALSE(fmq->isValid());
}
+
+/*
+ * Test creating a new queue from a modified MQDescriptor of another queue.
+ * If MQDescriptor.quantum doesn't match the size of the payload(T), the queue
+ * should be invalid.
+ */
+TEST_F(AidlOnlyBadQueueConfig, MismatchedPayloadSize) {
+ AidlMessageQueueSync16 fmq = AidlMessageQueueSync16(64);
+ aidl::android::hardware::common::MQDescriptor<uint16_t, SynchronizedReadWrite> desc =
+ fmq.dupeDesc();
+ // This should work fine with the unmodified MQDescriptor
+ AidlMessageQueueSync16 fmq2 = AidlMessageQueueSync16(desc);
+ ASSERT_TRUE(fmq2.isValid());
+
+ // Simulate a difference in payload size between processes handling the queue
+ desc.quantum = 8;
+ AidlMessageQueueSync16 fmq3 = AidlMessageQueueSync16(desc);
+
+ // Should fail due to the quantum not matching the sizeof(uint16_t)
+ ASSERT_FALSE(fmq3.isValid());
+}
+
/*
* Test that basic blocking works. This test uses the non-blocking read()/write()
* APIs.