lfd returned by adb_open is not the actual file desc.
on win32 builds. calling through fstat with invalid fd
will lead to crash, using stat instead.
Change-Id: I7fdc8b825162eaa42efe8755265842c300b00e39
Signed-off-by: eric.yan <eric.yan@yulong.com>
Signed-off-by: severecold <severecold@gmail.com>
If tracing was not enabled (the ADB_TRACE environment variable was not
set specially), writex() and readx() would still call dump_hex() which
would construct hex tracing strings, which would be immediately
discarded and not printed (because tracing is not enabled).
The fix is to only call dump_hex() if ADB_TRACING evalutes to true, the
same way that dump_packet() is only called if ADB_TRACING evaluates to
true.
Change-Id: I1651680da344389475ebdeea77ba1982960d5764
Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
Currently, a host running adb will sign a token of any length passed
to it by a device, effectively acting as a signing oracle. If the
ADB_VENDOR_KEYS environment variable is used to specify an additional
key to use, this behavior is not only unexpected, but probably also
unwanted. Further discussion can be found from this thread:
http://www.metzdowd.com/pipermail/cryptography/2015-January/024423.html
This change adds a check to ensure token length matches TOKEN_SIZE
before it's signed, which prevents an attacker from signing longer
messages.
Change-Id: I7b2cc1f051941bf9b66e1c02980850bede501793
On Windows, adb_socket_setbufsize() was taking a file descriptor value
from the compatibility layer in sysdeps_win32.c (namely, an index into
the _win32_fhs array) and passing it to the Winsock setsockopt() call,
which wants a Winsock SOCKET handle. Basically, adb_socket_setbufsize()
was passing `fd` instead of `_fh_from_int(fd)->fh_socket`, resulting in
adb effectively setting a socket buffer size on a random socket in the
process.
The fix is to introduce adb_setsockopt() which just calls setsockopt()
on non-Win32, and which uses the Winsock SOCKET handle on Win32. The
change also moves Win32 disable_tcp_nagle() to a header and adds an
extra sanity check to adb_shutdown().
Change-Id: I4354e818d27538f7ff5b0e70b28bdb6300e1b98b
Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
Using a const bool rather than an ifdef means the compiler can still
protect us from breaking code paths that aren't included in every
build variant.
Change-Id: Ic45c8fb52cd66c3ce090d760cdb92104e31265f5
Hadn't caught this in the previous submission because I tested the
build with another change on top of it that also fixes this.
Bug: 17626262
Change-Id: Ia40127618a5466e382081760d614ff7fc09d50a3
Much of adb is duplicated in bootable/recovery/minadb and fastboot.
Changes made to adb rarely get ported to the other two, so the trees
have diverged a bit. We'd like to stop this because it is a
maintenance nightmare, but the divergence makes this difficult to do
all at once. For now, we will start small by moving common files into
a static library. Hopefully some day we can get enough of adb in here
that we no longer need minadb.
Bug: 17626262
Change-Id: Ic8d5653bfcc0fec4e1acbece124402355084b864
There was a misinterpretation of how the v2 header works. The flags
in the header indicate what is in the rest of the structure.
Bug: 19127803
Change-Id: I5fa0dae6da51522c9afc4c94838eb6f462208683
If you run `adb tcpip`, adbd tries to process a string of 'tcpip:' using
this code:
} else if(!strncmp(name, "tcpip:", 6)) {
int port;
if (sscanf(name + 6, "%d", &port) == 0) {
port = 0;
}
ret = create_service_thread(restart_tcp_service, (void *) (uintptr_t) port);
If a zero-length string is passed to sscanf(), it returns EOF (-1) which
causes the if statement to skip the block, leaving the port variable
uninitialized.
I found this by running `adb tcpip` and sometimes getting 'invalid port'
and sometimes a device would start listening on a random port number.
The fix is to check the sscanf() return value for the success case (the
number of items successfully parsed), as is already done in other parts
of the adb code. I also fixed-up another instance of the same
code-pattern in services.c.
Change-Id: I8c9c33485ad076828da0ac74f048fdad561669d3
Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
Due to a typo, the --no-rebind option never worked (it always failed).
The root of the problem was that the client was sending on the wire
a command like:
host:forward:norebind::tcp:<port>;tcp:<port>
^^
Instead of:
host:forward:norebind:tcp:<port>;tcp:<port>
^
Note the erroneous double-column.
The fix is local to the adb client and thus doesn't require a new
version of the server or guest adbd on the device-side.
This also fixes 'adb reverse --no-rebind'.
See https://code.google.com/p/chromium/issues/detail?id=451109
Change-Id: I680fd432b5470072f6a9968ca32a7f90c600ac68
If verity is enabled and the underlying block device is marked
read-only, disable-verity fails. We cannot use the existing code
for enable-verity to make the device writable as the device in
/proc/mounts will be the verity device instead of the underlying
device we want to change. This change makes the correct device
writable when altering verity state.
Change-Id: I423ee50fb34d78cff2fe843318b9081c03c5142d
Remove 2 unused functions and 1 unused label in the
!ALLOW_ADBD_DISABLE_VERITY case
Change-Id: Id6b29f57bcb95e54f5a4014021d47d8ca6e4556e
Signed-off-by: Bernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org>
Note that it is *easy* to break your phone with this feature. It is
not a bug that reenabling verity after changing one byte of the system
partition stops the device booting.
(cherry-pick of 7c442e1700e6312727283db402dec6f666f1b55a.)
Bug: 18529433
Change-Id: I632e91281884471a362960f1ba30312d2669b8ff
This reverts commit 152d2d4234.
Fixed build error, and also fixed memory leak spotted from warning.
(cherry-pick of bbb36319119edde9377fb80015235893c30d2bc9.)
Bug: 17691572
Change-Id: I23b5ba537f7b557432041d4338b38b9be434e981
The patch "[RFC] usb: gadget: f_fs: Add flags
to descriptors block" marks the current
usb_functionfs_descs_head format deprecated
and introduces support for sending SuperSpeed
descriptors.
This CL makes adbd to send Descriptors in the
new format. Adbd would fall back to the old
format, if kernel is not able to recognize
the new format. This is done to prevent
adbd from breaking in the older versions
of the kernel.
(cherry-pick of fad60336daa5a7adf82d8140cbddd1c735770e71.)
Bug: 17394972
Change-Id: I05095ccdcc74bf6953cbef847d7583eab137e12e
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
On mac require a case.
Also, this code is not portable, will fix it in long run.
(cherry-pick of 0f1fda9ee80ba086e4c8960a7d153798e3cf3285.)
Change-Id: I76194b62cea29bd3d21c7ba6c3da4d549bea4738
Re-commit https://googleplex-android-review.googlesource.com/#/c/519430/
Add fix for win_sdk build.
Add socketpair debug log.
Also output thread information in log on host side.
(cherry-pick of adb09fa01a16d8c5c92c2f8d325e1678c531223f.)
Change-Id: I21021bc111a3f7362a91b70593e3738125878118
Many of the windows files where not including stdlib.h even though they
are using malloc/free calls.
(cherry-pick of ae7bf0959bd3f79afbf365e41f015ed1c304afdc.)
Change-Id: If6959df9909d9d9928e9f4a2a96018166361cf3c
Introduce the "adb keygen" command.
Usage: adb keygen <filename>
This command creates an adb public/private key pair in a user
specified file. This can be used to create new adb keys, or rotate
existing keys.
Modify adb's key generation routines to use the HOSTNAME/LOGNAME
environment variables if available. This allows someone to override
the username/hostname embedded within the adb public key file if
desired. Fallback to the old mechanisms if those environment
variables aren't available.
Bug: 18342715
Change-Id: Ibccee6088d4609aa05ad6687d3a1d8a8689d3e8a
(cherry picked from commit af782b9f2a)
Change-Id: Ic76ffc9412171dddc879af0bbf6e20fbe1a8f057
Change-Id: I5a350bfa5641365d7a0939d89c6f477c335e948a
Signed-off-by: Zhuang Jin Can <jin.can.zhuang@intel.com>
Signed-off-by: Robert Chiras <robert.chiras@intel.com>
Replace the use of CFStringGetCString with kCFStringEncodingASCII specified
with CFStringGetFileSystemRepresentation which will ensure the correct
character encoding is used to conver the CFString into a NULL terminated
char array suitable for use with POSIX APIs.
Change-Id: Ibab1dc05c4f4db8604d329a493b4241992b8e69d
Companion patch for change I2bf583a27f9a3f98ef006ea62b906a4f89960507.
Due to the use of USB class 0xff it's not possible to register a listener
which uses the OS methods for filtering notifications, so this patch
also introduces a check in the notification listener which checks the
class, subclass, and protocol for the interface each notification relates
to.
Change-Id: I380cc80f96addc5057660efb2179b35f9378886a
The previous implementation returned the path the executable was in instead
of returning the path including the executable (i.e. it returned ...bin
instead of ...bin/executable). This is not what the original methods did
and caused the process forking of adb to fail.
This patch corrects the implementation.
Change-Id: Ib58497cab35706041f170c1bc97c31fd5d965f90
It's time we switched to blacklisting any problematic devices rather than
slowly whitelisting the entire world. This seems to work for me, but let's
see how other people get on before coming back to actually remove the list.
We'll also need to find a Mac to test the equivalent Mac change.
Change-Id: I2bf583a27f9a3f98ef006ea62b906a4f89960507
Recent versions of XCode fail to compile the adb and fastboot binaries due to
two functions being deprecated in 10.9 (GetCurrentProcess and
ProcessInformationCopyDictionary), and the use of -Werrror.
This patch replaces the method implementations which use calls to methods
deprecated in the 10.9 SDK with versions which only call non-deprecated methods.
Change-Id: I855bf26aff45093ca9022924f3ecd1b80f2305a8
Bug: 14416410
The proper fix for the error/warning we encountered is to move winsock2.h
in front of windows.h.
Change-Id: I29504ba3a184a85c6636d06c2ad900828fdb5436
Bug: 14416410
1. The new mingw-w64 toolchain x86_64-w64-mingw32-4.8 has ddk
in x86_64-w64-mingw32/include/ddk
2. Add -Wno-error=cpp to suppress a warning that turns into error
thanks to -Werror:
Please include winsock2.h before windows.h
3. Cast GetLastError() return type DWORD to "int"
4. Include direct.h for _mkdir
5. Include stdint.h for uint8_t on Windows
Change-Id: I4bec0587f6573692f08c760da6c98ae551b8b5eb
adbd was spinning between select & read (0 bytes) for an adb_auth
socket. The read documentation states: "On success, the number of
bytes read is returned (zero indicates end of file)" so the code has
been modified to close the connection (like the read error case).
BUG=17419868
Change-Id: I1d8fb70c8e1876225ba8d47ea0a2b6265a7d182b
strlen returns a size_t, but the * modifier in printf expects an int.
On arm64 size_t != int.
(cherry-picked from commit 6d6a898b0c)
Change-Id: I11e84a7b62c935162abc0aba910d14e63d11efd3
The sideload-host mode turns the host into a server capable of sending
the device various pieces of the file on request, rather than
downloading it all in one transfer. It's used to support sideloading
OTA packages to devices without the need for them to hold the whole
package in RAM.
If the connected device doesn't support sideload-host mode, we fall
back to the older sideload connection.
(cherry-picked from commit 71fe584a1a)
Change-Id: I5adaedd8243dc3b76414bba0149879ca2bbf35fa
It's a shell command with a pty, but it's not really interactive,
so force the removal to avoid giving users dead-end prompts.
Bug: 17339227
Change-Id: Iaf5d95c49f032066aa741a711a2c45557d93c598
The OpenSSL base64 BIO is going away in BoringSSL. This change switches
to using the explicit base64 functions which are availible in both
OpenSSL and BoringSSL. The BoringSSL helper functions (i.e. for
calculating the size of the base64 encoding) are wrapped in #ifdefs so
that this change isn't coupled with the switch to BoringSSL. Once that
switch is complete, the #ifdefs can be removed.
Bug: 17409664
Change-Id: I42bac3bc93a1fb39feed39a8917d8e38d97629d3
Signed-off-by: Adam Langley <agl@google.com>
This is in preparation for an update to the uapi v3.16.1
kernel headers that marks the structure usb_functionfs_descs_head
as deprecated.
Change-Id: I25d2f32ce8e95e038e6df201ce2f8126f5a8b6fa
Without this patch we get:
system/core/adb/commandline.c:1629:16: error: array subscript is above
array bounds [-Werror=array-bounds]
Signed-off-by: Alexander Ivchenko <alexander.ivchenko@intel.com>
(cherry picked from commit 5372333885)
Change-Id: I920c1de933ce5ba0a0d57eb8a9b557325a767a2a
Without this patch we get:
system/core/adb/commandline.c:1629:16: error: array subscript is above
array bounds [-Werror=array-bounds]
Change-Id: I494eb8b4d0e8082f8ff57bdd33d8d46c8c481c6f
Signed-off-by: Alexander Ivchenko <alexander.ivchenko@intel.com>
Commands chained with && need to be passed through literally instead
of always being quoted.
(cherry-pick of 7c460351f53cb683097fe4071b9ec1e4cd7cdf82.)
Bug: 15479704
Change-Id: I2998e40a92a3bfd092098cd526403b469c86c9a6
Arguments with embedded spaces need to be wrapped in quotes, which
changes the overall escaping strategy. Instead of mixing the two
strategies, just always wrap arguments in quotes.
(cherry-pick of fd546e8c35341b518873eb4f883afbed92e947af.)
Bug: 15479704
Change-Id: I03eacfa1bd6c220d4ec6617b825ebb0c43c7221e
Due to previous bad merge, the get-state service was moved out of the
ADB_HOST #ifdef block.
(cherry picked from commit dc22c3c7a8)
Change-Id: I08465e7c666104a4c2d15eadef8a4d4be7f91456
Most code is copied and pasted from adb.h.
Any file can just include it to enable tracing.
Removed some duplications.
Change-Id: Ie1ed9e9edbf92158aac84669fbcbf7dc85fe2cf0
Fix the win_sdk host build by replacing utimes() with utime(). utime()
is functionally equivalent to utimes() when dealing with non-fractional
second timestamps, and is supported by the Windows CRT.
(The Windows CRT uses the nonstandard name _utime(), but mingw creates
aliases to the POSIX names.)
Change-Id: I513c6c5de05376c34cbb0894a94259acba8ae6f1
To facilitate device scripts that want to read/write binary data from
the host side, this change introduces a new "exec" service that
behaves like "shell" but without creating a pty, which would otherwise
mangle binary data.
After forking, it hooks up stdin/stdout of the child process to
the socket connected through to the host. The adb transport doesn't
support shutdown(), so the host can't half-close the socket and wait
for device termination. Instead, the host side now has two explicit
commands "exec-in" and "exec-out" for either sending or receiving
data.
Teach host side copy_to_file() to deal with stdin/stdout special
cases. Switch device side backup/restore services to use the new
create_subproc_raw under the hood.
(cherry picked from commit 5d9d434efa)
Change-Id: I42c18cb5bb907449b458c94450ef6c584d84ecdb
Added -a flag to adb pull that preserves time and mode. Mode is
subjected to umask for security. We only receive modification
time from adb server, so creation time will be set to the modification
time as well.
Signed-off-by: Lajos Molnar <lajos@google.com>
(cherry picked from commit de8ff4adca)
Change-Id: I03bb5cc14ce542299cf3b221a8be318a28ee8a8d
"fprintf(stderr, buf)" is a warning in some compilers, and we're
building with all warnings promoted to error.
Change-Id: Ie3c6ddcd74cf4dda40cf7b742df955dde1d1a5ff
The new install-multiple command automates creating an install
session, streaming multiple files into place, and then committing
or destroying the session. This uses the recent "exec" feature to
stream APK contents over stdin directly into their final resting
place, requiring no extra copies.
Blindly pass through command line arguments to "pm" to make adding
new flags easier in future.
Remove support for verifying APK before sending across wire, since it
was reading the entire APK into memory (!) before sending. Also
remove encrypted APKs, since they are no longer supported. Drop
support for undocumented verification files.
Bug: 14975160
Change-Id: I0c538471873061798160e2e47cec4c0424c27361