Add earlier CHECK in hidl_string

hidl_string needs to be zero-terminated so that the kernel can make a copy with it and have it safely copied over to the the other process (and that process can use c_str safely). Right now, this CHECK is in parceling code for hidl_string, but moving it to setToExternal and adding additional documentation for clarity. Bug: N/A Test: TH Change-Id: I1e5f338baa5757ec541e0c54f89f64df0a9c9d61
author: Steven Moreland <smoreland@google.com> 2018-03-06 11:31:33 -0800
committer: Martijn Coenen <maco@google.com> 2018-03-07 08:11:30 +0000
commit: 57c6fcbfa8134f532d5487ccf4bfc9f7bd38fff4 (patch)
tree: 44c290df557e91473275087d13f4b0a587ee3132 /base/HidlSupport.cpp
parent: 566c383bf83c0b66a59ae5c671ffd224b85c1c3b (diff)
download: libhidl-57c6fcbfa8134f532d5487ccf4bfc9f7bd38fff4.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/base/HidlSupport.cpp b/base/HidlSupport.cpp
index 8f3c057..a69faa2 100644
--- a/base/HidlSupport.cpp
+++ b/base/HidlSupport.cpp
@@ -254,6 +254,14 @@ void hidl_string::setToExternal(const char *data, size_t size) {
     if (size > UINT32_MAX) {
         LOG(FATAL) << "string size can't exceed 2^32 bytes: " << size;
     }
+
+    // When the binder driver copies this data into its buffer, it must
+    // have a zero byte there because the remote process will have a pointer
+    // directly into the read-only binder buffer. If we manually copy the
+    // data now to add a zero, then we lose the efficiency of this method.
+    // Checking here (it's also checked in the parceling code later).
+    CHECK(data[size] == '\0');
+
     clear();
 
     mBuffer = data;
author	Steven Moreland <smoreland@google.com>	2018-03-06 11:31:33 -0800
committer	Martijn Coenen <maco@google.com>	2018-03-07 08:11:30 +0000
commit	57c6fcbfa8134f532d5487ccf4bfc9f7bd38fff4 (patch)
tree	44c290df557e91473275087d13f4b0a587ee3132 /base/HidlSupport.cpp
parent	566c383bf83c0b66a59ae5c671ffd224b85c1c3b (diff)
download	libhidl-57c6fcbfa8134f532d5487ccf4bfc9f7bd38fff4.tar.gz