authorRyan Mitchell <rtmitchell@google.com>2021-05-27 12:34:52 -0700
committerRyan Mitchell <rtmitchell@google.com>2021-05-27 12:41:36 -0700
commitcfb916e53e0301ce65265c32f1950ca696d099fb (patch)
tree4ca9cb2837191135c00ae8fc175cb5fa7197bef4 /libs/androidfw
parent72cd5f15528e6b930fadfdef1d79722ea7ff02e7 (diff)
Verify presence of _FileAsset::getBuffer data
Rather than attempt to remove all users of Asset::getBuffer (which includes AssetManager(1), aapt(1), and other places) and migrate them to use Asset::getIncFsBuffer, verify the presence of all the data in the buffer before returning a raw pointer to the buffer data to guarantee callers will not unexpectedly get a SIGBUS due to incremental installation. Bug: 179254882 Test: builds Change-Id: I24fd9036bc53a8c23166b5471862ee542630fb56
Diffstat (limited to 'libs/androidfw')
-rw-r--r--libs/androidfw/Asset.cpp7
-rw-r--r--libs/androidfw/include/androidfw/Asset.h6
2 files changed, 10 insertions, 3 deletions
diff --git a/libs/androidfw/Asset.cpp b/libs/androidfw/Asset.cpp
index 4fbe4a3efbdd..43a70c176a83 100644
--- a/libs/androidfw/Asset.cpp
+++ b/libs/androidfw/Asset.cpp
@@ -594,7 +594,12 @@ void _FileAsset::close(void)
*/
const void* _FileAsset::getBuffer(bool aligned)
{
- return getIncFsBuffer(aligned).unsafe_ptr();
+ auto buffer = getIncFsBuffer(aligned);
+ if (mBuf != NULL)
+ return mBuf;
+ if (!buffer.convert<uint8_t>().verify(mLength))
+ return NULL;
+ return buffer.unsafe_ptr();
}
incfs::map_ptr<void> _FileAsset::getIncFsBuffer(bool aligned)
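Review bot: The new `return NULL` when `verify(mLength)` fails gives `_FileAsset::getBuffer` a failure result that the unmigrated callers named in the commit message may not test for, so a missing IncFs page could move from a SIGBUS to a null dereference at the call site. Those callers are outside this hunk and should be confirmed to check the result. The `mBuf != NULL` early return skips verification without saying why; a comment such as `// mBuf is not an IncFs mapping, so no presence check is needed` would help, presuming that is the reason, which only `getIncFsBuffer` (whose body is outside this hunk) can confirm. The check would also read more naturally before the `getIncFsBuffer(aligned)` call if that call has no side effect the `mBuf` path relies on. Note that the full-length scan repeats on every call, since nothing visible here records that a mapping was already verified.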
diff --git a/libs/androidfw/include/androidfw/Asset.h b/libs/androidfw/include/androidfw/Asset.h
index 40c91a6fcbf5..19febcdee77e 100644
--- a/libs/androidfw/include/androidfw/Asset.h
+++ b/libs/androidfw/include/androidfw/Asset.h
@@ -91,7 +91,8 @@ public:
* Get a pointer to a buffer with the entire contents of the file.
* If `aligned` is true, the buffer data will be aligned to a 4-byte boundary.
*
- * Use this function if the asset can never reside on IncFs.
+ * If the buffer contents reside on IncFs, the entire buffer will be scanned to ensure the
+ * presence of the data before returning a raw pointer to the buffer.
*/
virtual const void* getBuffer(bool aligned) = 0;
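Review bot: The revised comment on `Asset::getBuffer` says the buffer is scanned for presence but not what the caller receives when data is missing, which is the part of the contract callers need in order to handle it. I would add a line such as `* Returns NULL if any part of the buffer is not present.`, matching the `return NULL` added to `_FileAsset::getBuffer` in Asset.cpp. The comment sits on the pure virtual and so describes every implementation, while this commit visibly changes only `_FileAsset`. Any other `Asset` subclass should either perform the same scan or have the comment narrowed.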
@@ -99,7 +100,8 @@ public:
* Get a incfs::map_ptr<void> to a buffer with the entire contents of the file.
* If `aligned` is true, the buffer data will be aligned to a 4-byte boundary.
*
- * Use this function if the asset can potentially reside on IncFs.
+ * Use this function if the asset can potentially reside on IncFs to avoid the scanning of the
+ * buffer contents done in Asset::getBuffer.
*/
virtual incfs::map_ptr<void> getIncFsBuffer(bool aligned) = 0;