From b825f1148cc78fa853da964de2e7e2de1b3b03b2 Mon Sep 17 00:00:00 2001
From: Connor O'Brien <connoro@google.com>
Date: Fri, 12 Aug 2016 11:52:46 -0700
Subject: Fix vold vulnerability in FrameworkListener

Modify FrameworkListener to ignore commands that exceed the maximum
buffer length and send an error message.

Bug: 29831647
Change-Id: I9e57d1648d55af2ca0191bb47868e375ecc26950
Signed-off-by: Connor O'Brien <connoro@google.com>
(cherry picked from commit baa126dc158a40bc83c17c6d428c760e5b93fb1a)
(cherry picked from commit 470484d2a25ad432190a01d1c763b4b36db33c7e)
---
 include/sysutils/FrameworkListener.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'include')

diff --git a/include/sysutils/FrameworkListener.h b/include/sysutils/FrameworkListener.h
index 18049cd..2137069 100644
--- a/include/sysutils/FrameworkListener.h
+++ b/include/sysutils/FrameworkListener.h
@@ -32,6 +32,7 @@ private:
     int mCommandCount;
     bool mWithSeq;
     FrameworkCommandCollection *mCommands;
+    bool mSkipToNextNullByte;
 
 public:
     FrameworkListener(const char *socketName);
-- 
cgit v1.1