TcpSocketMonitor code hardening
This patch adds a couple of additional guards to make TcpSocketMonitor
more robust:
- TcpSocketMonitor::updateSocketStats() is not called if the Netlink
message type does not match SOCK_DIAG_BY_FAMILY
- the tcpinfo_get macro now correctly takes into account the length of
the field that is accessed when comparing to the number of bytes
available for struct tcp_info.
In addition, tcpi_data_segs_out, which is not available on 4.4 kernels,
is replaced by tcpi_segs_out.
Bug: 64147860, 72512637
Test: manual tests
Change-Id: I898fc07362788b7991594d303665a88f57bf1b35
diff --git a/server/SockDiag.cpp b/server/SockDiag.cpp
index 32fec6e..7d22b2c 100644
--- a/server/SockDiag.cpp
+++ b/server/SockDiag.cpp
@@ -216,6 +216,10 @@
int SockDiag::readDiagMsgWithTcpInfo(const TcpInfoReader& tcpInfoReader) {
NetlinkDumpCallback callback = [tcpInfoReader] (nlmsghdr *nlh) {
+ if (nlh->nlmsg_type != SOCK_DIAG_BY_FAMILY) {
+ ALOGE("expected nlmsg_type=SOCK_DIAG_BY_FAMILY, got nlmsg_type=%d", nlh->nlmsg_type);
+ return;
+ }
Fwmark mark;
struct tcp_info *tcpinfo = nullptr;
uint32_t tcpinfoLength = 0;