For encoding errors, this function will return a negative value which
causes problems down the line. Check for an error and return. Also,
integer overflows are guarded.
Bug: 161894517
Test: fuzzer test case
Change-Id: Ia85067d4258bde4b875c832d6223db5dd26b8838
Merged-In: Ia85067d4258bde4b875c832d6223db5dd26b8838
Instead of aborting when FileMap::create detects an overflow, detect the
overflow directly and fail the call.
Bug: 156997193
Test: Ran unit tests, including new unit test that aborted before.
Change-Id: Ie49975b8949fd12bbde14346ec9bbb774ef88a51
Merged-In: Ie49975b8949fd12bbde14346ec9bbb774ef88a51
(cherry picked from commit 68604b9c29)
Without an explicit check, the return value can wrap around and return
a value that is far too small to hold the data from the resulting
conversion.
No CTS test is provided because it would need to allocate at least
SSIZE_MAX / 2 bytes of UTF-16 data, which is unreasonable on 64-bit
devices.
Bug: 37723026
Test: run cts -p android.security
Change-Id: I56ba5e31657633b7f33685dd8839d4b3b998e586
One must explicitly include what it need.
time.h for clock_gettime
Bug: 37629934
Test: build
Merged-In: I992eac637f373b204aa161b0b26f5563e952c27e
Change-Id: I992eac637f373b204aa161b0b26f5563e952c27e
As a VNDK-SP module, Android.bp must have 'vndk' tag as well as
'vendor_available: true'.
The 'vndk' tag for VNDK-SP formated as follows:
vndk: {
enabled: true,
support_system_process: true,
},
VNDK-SP modules will be installed both in system/lib(64) as normal
and in system/lib(64)/vndk-sp as a vendor variant.
Bug: 63866913
Test: build and boot with BOARD_VNDK_VERSION=current
Change-Id: I51fe0859f63ad58b7b91909e7d7d4206443228cd
ALOGD_IF_SLOW isn't intuitively implemented as it cannot handle
temporaries used as its parameters. Since there are so few users of
it already and since it's just sugar on top of 2 otherwise trivial
lines, we opt to remove it entirely.
Bug: 62820330
Test: Build
Change-Id: Ie91b40cdaf650154203ccf0ca70e029cc097b350
Renamed NDK headers to "liblog_ndk_headers"
(these names aren't used anywhere).
libutils_headers now properly export liblog_headers.
Test: with BOARD_VNDK_VERSION=current
Change-Id: I3a85385f588b84393c57fd6d1bcac620f708f0f1
- make liblog dependency for all library builds (this is required
for files like String8.cpp)
- export liblog headers (because they are used in many header files).
Test: less libraries fail with BOARD_VNDK_VERSION := current
Change-Id: Iecb9cd00deb3a9056ea63c4a087afdb80a51a2b8
From O, libutils.so is loaded twice. Once in the default namespace and
once in the sphal namespace for vendor libs. However, since the
framework only communicates with the instance loaded in the default
namespace, report_sysprop_change() event is not notified to the instance
in sphal namespace. This causes ATRACE to not work for vendor libs
loaded in sphal namespace.
So, the instance loaded in default namespace now explicitly redirects
the event to the other instance.
Bug: 62084107
Test: start an app, run 'adb shell atrace gfx --stream'. atrace from the
graphics driver are visible.
Change-Id: Ia6c2ca6bcb9a8849ebb09b5c38d60480c92d4571
The default constructor of FileMap was missing an initializer for the
mFileMapping variables. This results in CloseHandle being called with
a "random" value, which can cause havoc in Win32 process over time (e.g.
in the case of libaapt2_jni.dll, which is loaded in a JVM process).
Also, update the code to use "NULL" for invalid file map handle
and "INVALID_HANDLE_VALUE" for invalid file handle.
Bug: 38197857
Test: Stress testing on (Windows) machine
Change-Id: Ibd769219d601fbafcfcee89e848b31cc5137826c
`buffer` may not be correctly aligned here. Assignment assumes correct
alignment and so then blows up on arm32.
Bug: b/37920153
Test: build, boot device
Change-Id: I23ef7c7f1d1511fd912b9485bba955db59e33832
These headers are used in headers in libutils_headers and must be
re-exported.
include/utils/Atomic.h:20:#include <cutils/atomic.h>
include/utils/Trace.h:24:#include <cutils/trace.h>
include/utils/Singleton.h:27:#include <cutils/compiler.h>
Test: modules using libutils_headers don't have to have
libcutils_headers include dirs set.
Bug: 33241851
Change-Id: I039aaaad93bf0944d42f04d2a9e6654b4f867042
This is used in CallStack.h.
Test: m -j libutils
Test: links
Test: trying to compile with BOARD_VNDK_VERSION := current
Bug: 33241851
Change-Id: I076c9551d356824d6e69b82349b890369bc7eea3
Merged-In: If7258e7b38000a72fd520f725030fb0038f90167
vendor + vendor_available modules built with BOARD_VNDK_VERSION :=
current aren't allowed to use global headers. Since libutils uses
system headers itself, it should export them as well.
Bug: 33241851
Test: building with BOARD_VNDK_VERSION := current produces many fewer
errors.
Change-Id: Icc7d2beb2a17da291434c6282eb1b9eb458f114c
Merged-In: I950821f1dae3ddc110db50869247913d5b1aa638
Before BOARD_VNDK_VERSION is defined, unistd.h was included via
utils/Log.h and then log/log.h in liblog.
This error is detected because include for unistd.h is missing for
log/log.h for include_vndk in liblog
Bug: 33241851
Test: built libutils successfully
Change-Id: Icf14f8a9dee46752536a57f707c4d8895496fd72
Merged-In: Ide4aee3cacad2a2bf6bd0cbdf0254c6c245f4020
These includes are included transitively by liblog, but not by the VNDK
version of liblog.
Bug: 33241851
Test: links with BOARD_VNDK_VERSION := current
Change-Id: Ide4aee3cacad2a2bf6bd0cbdf0254c6c245f4020
This is used in CallStack.h.
Test: m -j libutils
Test: links
Test: trying to compile with BOARD_VNDK_VERSION := current
Bug: 33241851
Change-Id: If7258e7b38000a72fd520f725030fb0038f90167
vendor + vendor_available modules built with BOARD_VNDK_VERSION :=
current aren't allowed to use global headers. Since libutils uses
system headers itself, it should export them as well.
Also added some items into windows-deprecated.h. This file is supposed
to be in sync with the libnativewindow variant until all dependencies on
it can be fixed. However, it is missing some updates. This matters when
including libsystem_headers adds system headers before libnativewindow
headers in the lookup paths.
Bug: 33241851
Test: building with BOARD_VNDK_VERSION := current produces many fewer
errors.
Change-Id: I950821f1dae3ddc110db50869247913d5b1aa638
By setting vendor_available, the following may become true:
* a prebuilt library from this release may be used at runtime by
in a later releasse (by vendor code compiled against this release).
so this library shouldn't depend on runtime state that may change
in the future.
* this library may be loaded twice into a single process (potentially
an old version and a newer version). The symbols will be isolated
using linker namespaces, but this may break assumptions about 1
library in 1 process (your singletons will run twice).
Background:
This means that these modules may be built and installed twice --
once for the system partition and once for the vendor partition. The
system version will build just like today, and will be used by the
framework components on /system. The vendor version will build
against a reduced set of exports and libraries -- similar to, but
separate from, the NDK. This means that all your dependencies must
also mark vendor_available.
At runtime, /system binaries will load libraries from /system/lib*,
while /vendor binaries will load libraries from /vendor/lib*. There
are some exceptions in both directions -- bionic(libc,etc) and liblog
are always loaded from /system. And SP-HALs (OpenGL, etc) may load
/vendor code into /system processes, but the dependencies of those
libraries will load from /vendor until it reaches a library that's
always on /system. In the SP-HAL case, if both framework and vendor
libraries depend on a library of the same name, both versions will be
loaded, but they will be isolated from each other.
It's possible to compile differently -- reducing your source files,
exporting different include directories, etc. For details see:
https://android-review.googlesource.com/368372
None of this is enabled unless the device opts into the system/vendor
split with BOARD_VNDK_VERSION := current.
Bug: 36426473
Bug: 36079834
Test: m -j libutils
Test: attempt to compile with BOARD_VNDK_VERSION := current
Merged-In: I6c1279a74ef071851401e38bbdd377f13827694c
Change-Id: I6c1279a74ef071851401e38bbdd377f13827694c
By setting vendor_available, the following may become true:
* a prebuilt library from this release may be used at runtime by
in a later releasse (by vendor code compiled against this release).
so this library shouldn't depend on runtime state that may change
in the future.
* this library may be loaded twice into a single process (potentially
an old version and a newer version). The symbols will be isolated
using linker namespaces, but this may break assumptions about 1
library in 1 process (your singletons will run twice).
Background:
This means that these modules may be built and installed twice --
once for the system partition and once for the vendor partition. The
system version will build just like today, and will be used by the
framework components on /system. The vendor version will build
against a reduced set of exports and libraries -- similar to, but
separate from, the NDK. This means that all your dependencies must
also mark vendor_available.
At runtime, /system binaries will load libraries from /system/lib*,
while /vendor binaries will load libraries from /vendor/lib*. There
are some exceptions in both directions -- bionic(libc,etc) and liblog
are always loaded from /system. And SP-HALs (OpenGL, etc) may load
/vendor code into /system processes, but the dependencies of those
libraries will load from /vendor until it reaches a library that's
always on /system. In the SP-HAL case, if both framework and vendor
libraries depend on a library of the same name, both versions will be
loaded, but they will be isolated from each other.
It's possible to compile differently -- reducing your source files,
exporting different include directories, etc. For details see:
https://android-review.googlesource.com/368372
None of this is enabled unless the device opts into the system/vendor
split with BOARD_VNDK_VERSION := current.
Bug: 36426473
Bug: 36079834
Test: m -j libutils
Test: attempt to compile with BOARD_VNDK_VERSION := current
Change-Id: I6c1279a74ef071851401e38bbdd377f13827694c
A mixture of fixes and cleanup for LogKlog.cpp and friends.
- sscanf calls strlen. Check if the string is missing a nul
terminator, if it is, do not call sscanf.
- replace NULL with nullptr for stronger typechecking.
- pass by reference for simpler code.
- Use ssize_t where possible to check for negative values.
- fix FastCmp to add some validity checking since ASAN reports that
callers are not making sure pre-conditions are met.
- add fasticmp templates for completeness.
- if the buffer is too small to contain a meaningful time, do not
call down to log_time::strptime() because it does not limit its
accesses to the buffer boundaries, instead stopping at a
terminating nul or invalid match.
- move strnstr to LogUtils.h, drop size checking of needle and
clearly report the list of needles used with android::strnstr
- replace 'sizeof(static const char[]) - 1' with strlen.
Test: gTest liblog-unit-test, logd-unit-tests & logcat-unit-tests
Bug: 30792935
Bug: 36536248
Bug: 35468874
Bug: 34949125
Bug: 34606909
Bug: 36075298
Bug: 36608728
Change-Id: I161bf03ba029050e809b31cceef03f729d318866
Steven Moreland