diff options
| author | Xin Li <delphij@google.com> | 2023-10-17 10:08:43 -0700 |
|---|---|---|
| committer | Xin Li <delphij@google.com> | 2023-10-17 10:08:43 -0700 |
| commit | f4fe06d410945f41c2ea82d9934d68f22edcf93e (patch) | |
| tree | d7deb7a4d46ac804a7b3aa99a0b42cb73964ea46 | |
| parent | 07bd2b32b61ad5167f60db08c0fbbe54f52c77df (diff) | |
| parent | 9fae230052d24a3eb0529b92776db5b9502d3560 (diff) | |
| download | wlan-tmp_amf_315507370.tar.gz | |
Merge 10952656tmp_amf_315507370
Merged-In: I4ceb6d741e9019b9185de82544d11aecd01095af
Change-Id: I29ad312a85d3ba178998f2047227c61cc0c1957c
| -rwxr-xr-x | synadhd/wifi_hal/wifi_logger.cpp | 55 |
1 files changed, 49 insertions, 6 deletions
diff --git a/synadhd/wifi_hal/wifi_logger.cpp b/synadhd/wifi_hal/wifi_logger.cpp index 58784c3..dd89bcd 100755 --- a/synadhd/wifi_hal/wifi_logger.cpp +++ b/synadhd/wifi_hal/wifi_logger.cpp @@ -1029,6 +1029,13 @@ wifi_error wifi_start_logging(wifi_interface_handle iface, u32 verbose_level, } } +typedef struct { + u32 magic; + int num_entries; +} __attribute__((packed)) wifi_ring_buffer_entry_pack; + +#define WIFI_RING_BUFFER_PACK_MAGIC 0xDBAADBAA + /////////////////////////////////////////////////////////////////////////////// class SetLogHandler : public WifiCommand @@ -1145,13 +1152,49 @@ public: // ALOGI("Retrieved Debug data"); if (mHandler.on_ring_buffer_data) { - /* Skip msg header. Retrieved log */ char *pBuff; - wifi_ring_buffer_entry *buffer_entry = - (wifi_ring_buffer_entry *) buffer; - pBuff = (char *) (buffer_entry + 1); - (*mHandler.on_ring_buffer_data)((char *)status.name, pBuff, - buffer_entry->entry_size, &status); + int num_entries; + int cur_off = 0; + wifi_ring_buffer_entry_pack *pack_hdr = + (wifi_ring_buffer_entry_pack *)buffer; + + if (pack_hdr->magic != WIFI_RING_BUFFER_PACK_MAGIC) { + wifi_ring_buffer_entry *buffer_entry = + (wifi_ring_buffer_entry *) buffer; + pBuff = (char *) (buffer_entry + 1); + (*mHandler.on_ring_buffer_data)((char *)status.name, pBuff, + buffer_entry->entry_size, &status); + } else { + wifi_ring_buffer_entry *entry_hdr = + (wifi_ring_buffer_entry *)(buffer + sizeof(*pack_hdr)); + cur_off += sizeof(*pack_hdr); + + num_entries = pack_hdr->num_entries; + + while (num_entries > 0) { + /* Check for accesses that exceed the total buffer size */ + if (cur_off + sizeof(*entry_hdr) + entry_hdr->entry_size > buffer_size) { + ALOGE("SetLogHandler: detected invalid access " + "num_entries:%d cur_num:%d buffer_size:%d cur_off:%d " + "hdrsize:%lu entry_size:%d ring_name:%s\n", + pack_hdr->num_entries, num_entries, buffer_size, cur_off, + sizeof(*entry_hdr), entry_hdr->entry_size, status.name); + return NL_SKIP; + } + + /* Copy buffer without hdr to the ringbuffer in LegacyHAL */ + pBuff = (char *)entry_hdr + sizeof(*entry_hdr); + (*mHandler.on_ring_buffer_data)((char *)status.name, pBuff, + entry_hdr->entry_size, &status); + + cur_off += sizeof(*entry_hdr) + entry_hdr->entry_size; + + /* jump to next entry_hdr */ + entry_hdr = (wifi_ring_buffer_entry *)((char *)entry_hdr + sizeof(*entry_hdr) + entry_hdr->entry_size); + + num_entries--; + } + } } } else { ALOGE("Unknown Event"); |