commit 4e82c4a80faaae99ec5458a06c0d883a29f160ea
author Treehugger Robot <treehugger-gerrit@google.com> Thu Mar 03 16:41:31 2022 +0000
committer Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Thu Mar 03 16:41:31 2022 +0000
tree 93b014ff074cff50ae474253015bdbe2faa81b98
parent 01fc068adf0ea2dcbc5eafa0a8e14acb242de117
parent 7d8a8f1733f249e99377d74df1310526e246486e

Merge "libbinder: avoid ACCEPT_FDS on proxies" am: c7d0e95a54 am: 7d8a8f1733

Original change: https://android-review.googlesource.com/c/platform/frameworks/native/+/2003198

Change-Id: I414885e6357d8460e8d5ea8a3c286cdf9ec7ae03

libs/binder/Parcel.cpp

diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp
index f84f639..6a138e3 100644
--- a/libs/binder/Parcel.cpp
+++ b/libs/binder/Parcel.cpp
@@ -200,7 +200,6 @@
     }
 
     flat_binder_object obj;
-    obj.flags = FLAT_BINDER_FLAG_ACCEPTS_FDS;
 
     int schedBits = 0;
     if (!IPCThreadState::self()->backgroundSchedulingDisabled()) {
@@ -221,6 +220,7 @@
             const int32_t handle = proxy ? proxy->getPrivateAccessor().binderHandle() : 0;
             obj.hdr.type = BINDER_TYPE_HANDLE;
             obj.binder = 0; /* Don't pass uninitialized stack data to a remote process */
+            obj.flags = 0;
             obj.handle = handle;
             obj.cookie = 0;
         } else {
@@ -231,6 +231,7 @@
                 // override value, since it is set explicitly
                 schedBits = schedPolicyMask(policy, priority);
             }
+            obj.flags = FLAT_BINDER_FLAG_ACCEPTS_FDS;
             if (local->isRequestingSid()) {
                 obj.flags |= FLAT_BINDER_FLAG_TXN_SECURITY_CTX;
             }
@@ -243,6 +244,7 @@
         }
     } else {
         obj.hdr.type = BINDER_TYPE_BINDER;
+        obj.flags = 0;
         obj.binder = 0;
         obj.cookie = 0;
     }