path: root/libs/gui/ConsumerBase.cpp
author Siarhei Vishniakou <svv@google.com> 2018-11-16 22:18:53 -0800
committer android-build-team Robot <android-build-team-robot@google.com> 2019-01-16 18:56:22 +0000
commit 86c2985b0be7590aa979d25a7e5fb927cc1d2dcc (patch)
tree bea8d2b9269680ee1742166e2820b9df075b7db5 /libs/gui/ConsumerBase.cpp
parent cb5531e3576fec2be6e366f16dd85696a20552b3 (diff)
Sanitize InputMessage before sending
The struct InputMessage has many fields, and is force-aligned to 8-byte boundaries. There are also some padding fields that carry no information. This struct is typically allocated in the stack and populated with various values before being sent across as a stream of bytes through the socket. Therefore, the "unused" data portions of the struct could contain portions of the stack, since there aren't ever writes to those memory locations.

To avoid this information leak, forcefully sanitize the struct. Create a new struct that is explicitly set to zero. Next, only fill the meaningful fields manually.

Bug: 115739809
Test: cts-tradefed run cts -m CtsSecurityBulletinHostTestCases -t android.security.cts.Poc18_12; adb shell monkey 100000
Change-Id: I7e44dacf1e8fa3156c8e4d2f7784ef0c53dab507
Merged-In: I7e44dacf1e8fa3156c8e4d2f7784ef0c53dab507
(cherry picked from commit e730f5aaa1c726ee9998a080e2d7f6284f4afec8)
Diffstat (limited to 'libs/gui/ConsumerBase.cpp')
0 files changed, 0 insertions, 0 deletions
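The zero-then-fill approach the commit message describes, as an added example that is not code from this commit or from the Android tree. `DemoMessage`, its fields and all function names are hypothetical and do not reflect the real `InputMessage` layout; the 0xAA fill is a constructed stand-in for stale stack contents.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// Hypothetical message for illustration; NOT the real InputMessage layout.
struct alignas(8) DemoMessage {
    uint32_t type;
    uint32_t padding;    // explicit filler field, carries no information
    uint8_t action;      // the compiler inserts implicit padding after this byte
    int64_t eventTime;
};

// True if byte offset i belongs to a field the receiver actually needs.
static bool isMeaningful(size_t i) {
    auto in = [i](size_t off, size_t len) { return i >= off && i < off + len; };
    return in(offsetof(DemoMessage, type), sizeof(uint32_t)) ||
           in(offsetof(DemoMessage, action), sizeof(uint8_t)) ||
           in(offsetof(DemoMessage, eventTime), sizeof(int64_t));
}

// Counts non-zero bytes outside the meaningful fields, i.e. bytes that would
// cross the socket carrying whatever the sender's memory held.
size_t leakedBytes(const DemoMessage& msg) {
    unsigned char wire[sizeof(DemoMessage)];
    std::memcpy(wire, &msg, sizeof(wire));  // what a raw byte-stream send transmits
    size_t n = 0;
    for (size_t i = 0; i < sizeof(wire); i++) {
        if (!isMeaningful(i) && wire[i] != 0) n++;
    }
    return n;
}

// "Before": fields are set one by one on memory that still holds old contents.
// The 0xAA fill is a constructed stand-in for stale stack data.
void fillUnsanitized(DemoMessage* msg) {
    std::memset(msg, 0xAA, sizeof(*msg));
    msg->type = 1;
    msg->action = 2;
    msg->eventTime = 123456789;
}

// "After": zero a fresh struct, then copy only the meaningful fields.
void sanitize(const DemoMessage& in, DemoMessage* out) {
    std::memset(out, 0, sizeof(*out));
    out->type = in.type;
    out->action = in.action;
    out->eventTime = in.eventTime;
}
```

Running `leakedBytes` over the serialized form of every message type is a cheap regression check: any non-zero count means filler bytes are reaching the wire.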