Force-initialize potential padding area. When collapsing our heap-and-stack boundaries, we round up to ensure our padding math is still aligned on the remote side. This rounding can leak a small amount of uninitialized memory, so this change force-initializes any potential padding area. Bug: 213170822 Test: atest libandroidfw_tests Change-Id: Ife6fcd1b74aaabd932a77ea42e0d0ad3a6b9cae6

commit: e33af7fe3782a0c295ef2cd3b588632ecfcc00a4 [log] [tgz]
author: Jeff Sharkey <jsharkey@android.com> Tue Jun 07 13:14:04 2022 -0600
committer: Jeff Sharkey <jsharkey@google.com> Wed Jun 08 22:38:56 2022 +0000
tree: 00978ca384c165afbce2d107e7019e08ef2f250a
parent: c894c810d02c22215a9c1627c2f3ef83a42b2d7d [diff]
diff --git a/libs/androidfw/CursorWindow.cpp b/libs/androidfw/CursorWindow.cpp
index 3527eee..87ae45b 100644
--- a/libs/androidfw/CursorWindow.cpp
+++ b/libs/androidfw/CursorWindow.cpp

@@ -227,6 +227,7 @@
         if (!dest) goto fail;
         memcpy(static_cast<uint8_t*>(dest),
                 static_cast<uint8_t*>(mData), mAllocOffset);
+        memset(static_cast<uint8_t*>(dest) + mAllocOffset, 0, 4);
         memcpy(static_cast<uint8_t*>(dest) + compactedSize - slotsSize,
                 static_cast<uint8_t*>(mData) + mSlotsOffset, slotsSize);
     }
commit	e33af7fe3782a0c295ef2cd3b588632ecfcc00a4	[log] [tgz]
author	Jeff Sharkey <jsharkey@android.com>	Tue Jun 07 13:14:04 2022 -0600
committer	Jeff Sharkey <jsharkey@google.com>	Wed Jun 08 22:38:56 2022 +0000
tree	00978ca384c165afbce2d107e7019e08ef2f250a
parent	c894c810d02c22215a9c1627c2f3ef83a42b2d7d [diff]