From 80b0162910f5190b237bb1811ad21f180477bf35 Mon Sep 17 00:00:00 2001
From: Vernon Tang <vt@foilhead.net>
Date: Mon, 25 Apr 2011 03:13:44 +1000
Subject: [PATCH] libsysutils: only accept uevents from the kernel.

Addresses CVE-2011-1823.

Change-Id: I393c21da749a6a6491d6719767bc1ff3df647ebe
---
 libsysutils/src/NetlinkListener.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libsysutils/src/NetlinkListener.cpp b/libsysutils/src/NetlinkListener.cpp
index e2a354e4f..886899e6e 100644
--- a/libsysutils/src/NetlinkListener.cpp
+++ b/libsysutils/src/NetlinkListener.cpp
@@ -21,6 +21,7 @@
 
 #define LOG_TAG "NetlinkListener"
 #include <cutils/log.h>
+#include <cutils/uevent.h>
 
 #include <sysutils/NetlinkListener.h>
 #include <sysutils/NetlinkEvent.h>
@@ -34,7 +35,7 @@ bool NetlinkListener::onDataAvailable(SocketClient *cli)
     int socket = cli->getSocket();
     int count;
 
-    if ((count = recv(socket, mBuffer, sizeof(mBuffer), 0)) < 0) {
+    if ((count = uevent_checked_recv(socket, mBuffer, sizeof(mBuffer))) < 0) {
         SLOGE("recv failed (%s)", strerror(errno));
         return false;
     }