From 9809602ac32dcb7bceaa5bc34df5b7fb68aacd38 Mon Sep 17 00:00:00 2001
From: Chris Forbes <chrisforbes@google.com>
Date: Wed, 10 May 2017 13:12:00 -0700
Subject: ui: Fix bad size check in Fence::unflatten

Differs slightly from mnc+ patch: GetFlattenedSize was fixed in mnc.

Test: Boot device, run poc from bug, observe no longer crashes
Bug: 37285689
Change-Id: Id8b851733b088cce0d07493fbf76e7e24f9299ad
---
 libs/ui/Fence.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'libs/ui/Fence.cpp')

diff --git a/libs/ui/Fence.cpp b/libs/ui/Fence.cpp
index 93ec0ce611..2a771502d7 100644
--- a/libs/ui/Fence.cpp
+++ b/libs/ui/Fence.cpp
@@ -127,7 +127,7 @@ nsecs_t Fence::getSignalTime() const {
 }
 
 size_t Fence::getFlattenedSize() const {
-    return 1;
+    return 4;
 }
 
 size_t Fence::getFdCount() const {
@@ -152,7 +152,7 @@ status_t Fence::unflatten(void const*& buffer, size_t& size, int const*& fds, si
         return INVALID_OPERATION;
     }
 
-    if (size < 1) {
+    if (size < getFlattenedSize()) {
         return NO_MEMORY;
     }
 
-- 
cgit v1.2.3-59-g8ed1b