From d1dff8d4d47a5f9142a22b11950adc55ea2b36df Mon Sep 17 00:00:00 2001 From: Pravat Dalbehera Date: Wed, 15 Dec 2010 08:40:00 +0100 Subject: Fix for writing empty strings to Parcel::writeString8() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If writeString8 is called with the following sequence: writeString8(String8("")); writeString8(String8("TempString")); Then in the readString8, the 2nd String i.e. "TempString" is not read, instead an empty string is read. The bug comes because of the write call for String8("") where there are no String bytes present. In the write Statement, an extra ‘\0’ is written. During the Marshalling, Following bytes are written: 1 2 3 4 5 ... 0x0 0x0 0xB ‘T’ ‘e’ ... The readString8 function has a check that, if String length is 0, don’t read anything. So the first byte is read as the length for the first string. The second byte i.e. ‘\0’ is read as the length for the second string and hence the second string becomes empty too. Change-Id: Id7acc0c80ae16e77be4331f1ddf69ea87e758420 --- libs/binder/Parcel.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp index f329ac4642..d57f2c9fdc 100644 --- a/libs/binder/Parcel.cpp +++ b/libs/binder/Parcel.cpp @@ -619,7 +619,10 @@ status_t Parcel::writeCString(const char* str) status_t Parcel::writeString8(const String8& str) { status_t err = writeInt32(str.bytes()); - if (err == NO_ERROR) { + // only write string if its length is more than zero characters, + // as readString8 will only read if the length field is non-zero. + // this is slightly different from how writeString16 works. + if (str.bytes() > 0 && err == NO_ERROR) { err = write(str.string(), str.bytes()+1); } return err; -- cgit v1.2.3-59-g8ed1b