From d338dfe5830df0960b7b16b7191cb42bd2115996 Mon Sep 17 00:00:00 2001 From: Ryan Mitchell Date: Sat, 23 Feb 2019 15:33:08 +0800 Subject: Avoid Asset::LoadImpl crash when getBuffer is null If for some reason Asset::getBuffer returns a null pointer, error out instead of dereferencing the null pointer. Bug: 125943266 Bug: 154461471 Test: boots Change-Id: I957be4f9b8c49c2a6829e8b82fae0ae8d8d7639e --- libs/androidfw/ApkAssets.cpp | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) mode change 100644 => 100755 libs/androidfw/ApkAssets.cpp (limited to 'libs/androidfw/ApkAssets.cpp') diff --git a/libs/androidfw/ApkAssets.cpp b/libs/androidfw/ApkAssets.cpp old mode 100644 new mode 100755 index 05f4d6b63a4c..e15b42d46f53 --- a/libs/androidfw/ApkAssets.cpp +++ b/libs/androidfw/ApkAssets.cpp @@ -496,6 +496,11 @@ std::unique_ptr ApkAssets::LoadImpl( const StringPiece data( reinterpret_cast(loaded_apk->resources_asset_->getBuffer(true /*wordAligned*/)), loaded_apk->resources_asset_->getLength()); + if (data.data() == nullptr || data.empty()) { + LOG(ERROR) << "Failed to read '" << kResourcesArsc << "' data in APK '" << path << "'."; + return {}; + } + loaded_apk->loaded_arsc_ = LoadedArsc::Load(data, loaded_apk->loaded_idmap_.get(), property_flags); if (!loaded_apk->loaded_arsc_) { @@ -523,9 +528,14 @@ std::unique_ptr ApkAssets::LoadTableImpl( const StringPiece data( reinterpret_cast(loaded_apk->resources_asset_->getBuffer(true /*wordAligned*/)), loaded_apk->resources_asset_->getLength()); + if (data.data() == nullptr || data.empty()) { + LOG(ERROR) << "Failed to read resources table data in '" << path << "'."; + return {}; + } + loaded_apk->loaded_arsc_ = LoadedArsc::Load(data, nullptr, property_flags); if (loaded_apk->loaded_arsc_ == nullptr) { - LOG(ERROR) << "Failed to load '" << kResourcesArsc << path; + LOG(ERROR) << "Failed to read resources table in '" << path << "'."; return {}; } -- cgit v1.2.3-59-g8ed1b