diff options
author | Steven Moreland <smoreland@google.com> | 2018-03-06 11:31:33 -0800 |
---|---|---|
committer | Martijn Coenen <maco@google.com> | 2018-03-07 08:11:30 +0000 |
commit | 57c6fcbfa8134f532d5487ccf4bfc9f7bd38fff4 (patch) | |
tree | 44c290df557e91473275087d13f4b0a587ee3132 /base/HidlSupport.cpp | |
parent | 566c383bf83c0b66a59ae5c671ffd224b85c1c3b (diff) | |
download | libhidl-57c6fcbfa8134f532d5487ccf4bfc9f7bd38fff4.tar.gz |
Add earlier CHECK in hidl_string
hidl_string needs to be zero-terminated so that
the kernel can make a copy with it and have it
safely copied over to the the other process (and
that process can use c_str safely).
Right now, this CHECK is in parceling code for
hidl_string, but moving it to setToExternal
and adding additional documentation for clarity.
Bug: N/A
Test: TH
Change-Id: I1e5f338baa5757ec541e0c54f89f64df0a9c9d61
Diffstat (limited to 'base/HidlSupport.cpp')
-rw-r--r-- | base/HidlSupport.cpp | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/base/HidlSupport.cpp b/base/HidlSupport.cpp index 8f3c057..a69faa2 100644 --- a/base/HidlSupport.cpp +++ b/base/HidlSupport.cpp @@ -254,6 +254,14 @@ void hidl_string::setToExternal(const char *data, size_t size) { if (size > UINT32_MAX) { LOG(FATAL) << "string size can't exceed 2^32 bytes: " << size; } + + // When the binder driver copies this data into its buffer, it must + // have a zero byte there because the remote process will have a pointer + // directly into the read-only binder buffer. If we manually copy the + // data now to add a zero, then we lose the efficiency of this method. + // Checking here (it's also checked in the parceling code later). + CHECK(data[size] == '\0'); + clear(); mBuffer = data; |