summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org>2014-11-17 21:06:20 +0100
committerChih-Hung Hsieh <chh@google.com>2014-11-24 16:59:39 -0800
commit5f6199373dc1e07d2ee5edbae7ecfa08a065492e (patch)
treefa694bbcaf800818067bf7b839b43126cb4a253a
parent2e42a90653abd0fc8a76909b5f101782d187136e (diff)
downloadframeworks_native-5f6199373dc1e07d2ee5edbae7ecfa08a065492e.zip
frameworks_native-5f6199373dc1e07d2ee5edbae7ecfa08a065492e.tar.gz
frameworks_native-5f6199373dc1e07d2ee5edbae7ecfa08a065492e.tar.bz2
Fix potential format string vulnerability
A sensor name containing a format string could have interesting side effects... Change-Id: If7f1378aa68572d9716c339728eab18faa6b9f2a Signed-off-by: Bernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org>
Diffstat
-rw-r--r--services/sensorservice/SensorService.cpp9
1 files changed, 3 insertions, 6 deletions
diff --git a/services/sensorservice/SensorService.cpp b/services/sensorservice/SensorService.cpp
index dc8fa64..9b2acea 100644
--- a/services/sensorservice/SensorService.cpp
+++ b/services/sensorservice/SensorService.cpp
@@ -617,12 +617,9 @@ Vector<Sensor> SensorService::getSensorList()
if (canAccessSensor(sensor)) {
accessibleSensorList.add(sensor);
} else {
- String8 infoMessage;
- infoMessage.appendFormat(
- "Skipped sensor %s because it requires permission %s",
- sensor.getName().string(),
- sensor.getRequiredPermission().string());
- ALOGI(infoMessage.string());
+ ALOGI("Skipped sensor %s because it requires permission %s",
+ sensor.getName().string(),
+ sensor.getRequiredPermission().string());
}
}
return accessibleSensorList;
generated by cgit v1.1 at 2025-01-23 18:03:37 +0000