OSDN Git Service

(root) / android-x86 / frameworks-native.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8df427d) | patch
Sanitize InputMessage before sending
authorSiarhei Vishniakou <svv@google.com>
Sat, 17 Nov 2018 06:18:53 +0000 (22:18 -0800)
committerJP Sugarbroad <jpsugar@google.com>
Mon, 14 Jan 2019 22:56:29 +0000 (14:56 -0800)
commit6ea12db7ea73d1cb3e33a2449fec44d71861ce9c
tree6f32648ee3b8533de3164ce697bbba363e0b5d2ftree | snapshot
parent8df427d7ae9866687c84870f35734191c73e6f67commit | diff
Sanitize InputMessage before sending

The struct InputMessage has many fields, and is force-aligned to 8-byte
boundaries. There are also some padding fields that carry no
information.

This struct is typically allocated in the stack and populated with
various values before being sent across as a stream of bytes through the
socket.

Therefore, the "unused" data portions of the struct could contain
portions of the stack, since there aren't ever writes to those memory
locations.

To avoid this information leak, forcefully sanitize the struct. Create a
new struct that is explicitly set to zero. Next, only fill the
meaningful fields manually.

Bug: 115739809
Test: cts-tradefed run cts -m CtsSecurityBulletinHostTestCases -t android.security.cts.Poc18_12; adb shell monkey 100000
Change-Id: I7e44dacf1e8fa3156c8e4d2f7784ef0c53dab507
Merged-In: I7e44dacf1e8fa3156c8e4d2f7784ef0c53dab507
(cherry picked from commit e730f5aaa1c726ee9998a080e2d7f6284f4afec8)
include/input/InputTransport.h diff | blob | history
libs/input/InputTransport.cpp diff | blob | history
libs/input/tests/StructLayout_test.cpp diff | blob | history
frameworks/native
About OSDN
Find Software
Develop Software
Help