OSDN Git Service

crash if getNativeBuffer() called on NULL GraphicBuffer
author Colin Cross <ccross@android.com>
Tue, 22 Jul 2014 22:55:08 +0000 (15:55 -0700)
committer The Android Automerger <android-build@google.com>
Wed, 23 Jul 2014 21:47:55 +0000 (14:47 -0700)
If getNativeBuffer() is called on a NULL GraphicBuffer the
static_cast of this from GraphicBuffer* to ANativeWindowBuffer*
will return a small pointer like (ANativeWindowBuffer*)0x10.
This value can propagate past NULL checks until it causes a crash
far away from the original NULL pointer.  Crash immediately
instead.

Change-Id: Id614b9eb1484108b3c3c733545309844c4b87532

libs/ui/GraphicBuffer.cpp

index e21dc53..9b0bd60 100644 (file)
@@ -126,6 +126,7 @@ void GraphicBuffer::dumpAllocationsToSystemLog()
 
 ANativeWindowBuffer* GraphicBuffer::getNativeBuffer() const
 {
+    LOG_ALWAYS_FATAL_IF(this == NULL, "getNativeBuffer() called on NULL GraphicBuffer");
     return static_cast<ANativeWindowBuffer*>(
             const_cast<GraphicBuffer*>(this));
 }
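
Review bot: The this == NULL test on the added LOG_ALWAYS_FATAL_IF line relies on undefined behaviour. Calling a non-static member function through a null pointer is already undefined in C++, so an optimizing compiler may assume this is never null and delete the check, leaving the small-pointer result the commit message describes. Consider doing the null check at the call sites, or in a static helper that takes a GraphicBuffer* argument, or confirm the build passes -fno-delete-null-pointer-checks so the fatal log is guaranteed to survive optimization.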