Add earlier CHECK in hidl_string hidl_string needs to be zero-terminated so that the kernel can make a copy with it and have it safely copied over to the the other process (and that process can use c_str safely). Right now, this CHECK is in parceling code for hidl_string, but moving it to setToExternal and adding additional documentation for clarity. Bug: N/A Test: TH Change-Id: I1e5f338baa5757ec541e0c54f89f64df0a9c9d61

commit: 57c6fcbfa8134f532d5487ccf4bfc9f7bd38fff4 [log] [tgz]
author: Steven Moreland <smoreland@google.com> Tue Mar 06 11:31:33 2018 -0800
committer: Martijn Coenen <maco@google.com> Wed Mar 07 08:11:30 2018 +0000
tree: 44c290df557e91473275087d13f4b0a587ee3132
parent: 566c383bf83c0b66a59ae5c671ffd224b85c1c3b [diff] [blame]
diff --git a/base/HidlSupport.cpp b/base/HidlSupport.cpp
index 8f3c057..a69faa2 100644
--- a/base/HidlSupport.cpp
+++ b/base/HidlSupport.cpp

@@ -254,6 +254,14 @@
     if (size > UINT32_MAX) {
         LOG(FATAL) << "string size can't exceed 2^32 bytes: " << size;
     }
+
+    // When the binder driver copies this data into its buffer, it must
+    // have a zero byte there because the remote process will have a pointer
+    // directly into the read-only binder buffer. If we manually copy the
+    // data now to add a zero, then we lose the efficiency of this method.
+    // Checking here (it's also checked in the parceling code later).
+    CHECK(data[size] == '\0');
+
     clear();
 
     mBuffer = data;
commit	57c6fcbfa8134f532d5487ccf4bfc9f7bd38fff4	[log] [tgz]
author	Steven Moreland <smoreland@google.com>	Tue Mar 06 11:31:33 2018 -0800
committer	Martijn Coenen <maco@google.com>	Wed Mar 07 08:11:30 2018 +0000
tree	44c290df557e91473275087d13f4b0a587ee3132
parent	566c383bf83c0b66a59ae5c671ffd224b85c1c3b [diff] [blame]