c503204736ff74758ed94f42dea1a90699923d10 - android_frameworks_native

commit	c503204736ff74758ed94f42dea1a90699923d10	[log] [tgz]
author	Steven Moreland <smoreland@google.com>	Thu Sep 30 15:40:27 2021 -0700
committer	Steven Moreland <smoreland@google.com>	Thu Sep 30 15:50:43 2021 -0700
tree	8b38420b4b6c1cfa5963caa2239588e84f63e1c3
parent	692ae86f088f6c0be9140625b008d838440e035b [diff]

libbinder: RPC error on unexpected session ID size

The session ID is created by the server, and passed to the client. This
prevents making a OOM-large allocation if a malicious client claims to
pass a large session ID.

Fixes: 201599425
Test: binderRpcTest
Change-Id: I24c66b70fbb5e194c2b603214e2f962b31ff27f9

libs/binder/RpcServer.cpp[diff]

1 file changed

tree: 8b38420b4b6c1cfa5963caa2239588e84f63e1c3

aidl/
build/
cmds/
data/
docs/
headers/
include/
include_sensor/
libs/
opengl/
services/
vulkan/
.clang-format
.gitignore
Android.bp
CleanSpec.mk
METADATA
MODULE_LICENSE_APACHE2
NOTICE
PREUPLOAD.cfg
TEST_MAPPING