libbinder: Return error instead of crashing on closed Trusty connection

If RpcServerTrusty rejects a client connection, it still receives
a few more messages. Since the connection was rejected, the internal
channel has not been initialized. Handle this corner case by returning
an ERR_BAD_STATE error code instead of a fatal crash so that Trusty
services do not crash after rejecting connections.

Bug: 242940548
Test: Presubmit
Change-Id: Ibb1445c26616a8c7e369d1fd7a3fb3602d6f2155
diff --git a/libs/binder/trusty/RpcServerTrusty.cpp b/libs/binder/trusty/RpcServerTrusty.cpp
index 17919c2..0580046 100644
--- a/libs/binder/trusty/RpcServerTrusty.cpp
+++ b/libs/binder/trusty/RpcServerTrusty.cpp
@@ -151,8 +151,10 @@
int RpcServerTrusty::handleMessageInternal(void* ctx) {
auto* channelContext = reinterpret_cast<ChannelContext*>(ctx);
- LOG_ALWAYS_FATAL_IF(channelContext == nullptr,
- "bad state: message received on uninitialized channel");
+ if (channelContext == nullptr) {
+ LOG_RPC_DETAIL("bad state: message received on uninitialized channel");
+ return ERR_BAD_STATE;
+ }
auto& session = channelContext->session;
auto& connection = channelContext->connection;
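Review bot: In the new `if (channelContext == nullptr)` branch, the only trace of the event is a LOG_RPC_DETAIL line, so a condition that used to abort the service is now visible only when detail logging is enabled. Since a null context here means a client is still sending on a connection the server rejected, consider logging it at a level that is on by default (rate-limited if the volume is a concern) so that repeated attempts can be noticed. The message text still reads "bad state: message received on uninitialized channel"; a short comment above the check saying that this is the expected result of a rejected connection, as the commit message explains, would keep a later reader from restoring the fatal assert. "Test: Presubmit" does not show that the rejected-connection path is exercised; a test that rejects a connection, sends a message and checks for ERR_BAD_STATE would cover the fix.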