fix potential use-after-frees of stack memory
`devname_value` is a local variable; if `property_get` succeeds, we'll
return a pointer to it. Returning a `std::string` instead sidesteps this
problem.
Bug: 190757198
Test: TreeHugger
Change-Id: If9ca733dd21128706f2a9f62e8460b1286631aa5
diff --git a/gnss/common/utils/default/GnssReplayUtils.cpp b/gnss/common/utils/default/GnssReplayUtils.cpp
index 6dcf6ea..fc4c477 100644
--- a/gnss/common/utils/default/GnssReplayUtils.cpp
+++ b/gnss/common/utils/default/GnssReplayUtils.cpp
@@ -21,18 +21,17 @@
namespace gnss {
namespace common {
-const char* ReplayUtils::getGnssPath() {
- const char* gnss_dev_path = GNSS_PATH;
+std::string ReplayUtils::getGnssPath() {
char devname_value[PROPERTY_VALUE_MAX] = "";
if (property_get("debug.location.gnss.devname", devname_value, NULL) > 0) {
- gnss_dev_path = devname_value;
+ return devname_value;
}
- return gnss_dev_path;
+ return GNSS_PATH;
}
bool ReplayUtils::hasGnssDeviceFile() {
struct stat sb;
- return stat(getGnssPath(), &sb) != -1;
+ return stat(getGnssPath().c_str(), &sb) != -1;
}
bool ReplayUtils::isGnssRawMeasurement(const std::string& inputStr) {
@@ -47,7 +46,7 @@
std::string ReplayUtils::getDataFromDeviceFile(const std::string& command, int mMinIntervalMs) {
char inputBuffer[INPUT_BUFFER_SIZE];
- int mGnssFd = open(getGnssPath(), O_RDWR | O_NONBLOCK);
+ int mGnssFd = open(getGnssPath().c_str(), O_RDWR | O_NONBLOCK);
if (mGnssFd == -1) {
return "";
diff --git a/gnss/common/utils/default/include/GnssReplayUtils.h b/gnss/common/utils/default/include/GnssReplayUtils.h
index d7530f7..32c0e58 100644
--- a/gnss/common/utils/default/include/GnssReplayUtils.h
+++ b/gnss/common/utils/default/include/GnssReplayUtils.h
@@ -35,7 +35,7 @@
namespace common {
struct ReplayUtils {
- static const char* getGnssPath();
+ static std::string getGnssPath();
static std::string getDataFromDeviceFile(const std::string& command, int mMinIntervalMs);
diff --git a/gnss/common/utils/default/include/v2_1/GnssTemplate.h b/gnss/common/utils/default/include/v2_1/GnssTemplate.h
index e87a7f4..76024aa 100644
--- a/gnss/common/utils/default/include/v2_1/GnssTemplate.h
+++ b/gnss/common/utils/default/include/v2_1/GnssTemplate.h
@@ -161,11 +161,11 @@
std::unique_ptr<V2_0::GnssLocation> GnssTemplate<T_IGnss>::getLocationFromHW() {
if (!mHardwareModeChecked) {
// default using /dev/gnss0
- const char* gnss_dev_path = ReplayUtils::getGnssPath();
+ std::string gnss_dev_path = ReplayUtils::getGnssPath();
- mGnssFd = open(gnss_dev_path, O_RDWR | O_NONBLOCK);
+ mGnssFd = open(gnss_dev_path.c_str(), O_RDWR | O_NONBLOCK);
if (mGnssFd == -1) {
- ALOGW("Failed to open %s errno: %d", gnss_dev_path, errno);
+ ALOGW("Failed to open %s errno: %d", gnss_dev_path.c_str(), errno);
}
mHardwareModeChecked = true;
}