We should check the boundary of central directory before checking its
signature. Swap the order of these two checks.
Bug: 36392138
Test: libziparchive doesn't read the signature after boundary check fails.
Merged-In: Ie89f709bb2d1ccb647116fb7ccb1e23c943e5ab8
Change-Id: Ie89f709bb2d1ccb647116fb7ccb1e23c943e5ab8
(cherry picked from commit 74464a1361)
Add a check to ensure the filename boundary doesn't exceed the mapped
memory region. Also add the corresponding unit test.
Bug: 28802225
Test: New unit test passes.
Merged-In: Ibf543a7da3d7898952e9eb332c84cdfc67cf5aa4
Change-Id: Ibf543a7da3d7898952e9eb332c84cdfc67cf5aa4
(cherry picked from commit bcc4431f24)
The boundary check of an invalid EOCD record may succeed due to the
overflow of uint32_t. Fix the check and add a unit test.
Test: Open the crash.apk and libziparchive reports the offset error as expected.
Bug: 31251826
Merged-In: I1d8092a19b73886a671bc9d291cfc27d65e3d236
Change-Id: I1d8092a19b73886a671bc9d291cfc27d65e3d236
(cherry picked from commit ae8180c06d)
Use mem cgroups if the kernel is built with CONFIG_MEMCG=y,
additionally add system group.
test: verified on both kernel with/without memcg enabled
Change-Id: Ib9d1c8e3c797e75f160e0e92edf3f11c9d8e9f17
Binder currently may service an incoming oneway transaction whenever
an outbound oneway call is made (if there is already a pending
incoming oneway call waiting). The unexpected nested method call
blocks forever on a recursive mutex acquire because healthd is single-
threaded. The binder behavior is considered a bug and may change in
the future. For now, work around this in healthd.
Make a local copy of the listeners list, then drop the lock and
perform the outbound calls on the local copy of the list.
Bug: 38201220
Test: Marlin with modified client calling scheduleUpdate() repeatedly
Change-Id: If35c2847556245921e2aff808ff747bb60356811
This change homogenizes the use of std::unique_ptr for storing
capabilities in system/core/.
Bug: None
Test: m
Change-Id: I0a95f87a27b0261e9d321841d5140fc000473293
This change makes it possible for Android running in a container to
terminate cleanly instead of calling abort() when requested to shut
down.
Bug: 62388055
Test: `adb reboot` on bullhead causes no kernel panics
Test: `adb reboot` on a system without CAP_SYS_BOOT makes init terminate
nicely
Change-Id: I36b2298610f5b4a2bf8b05103d04804883df2c88
- Use the CHECK macro everywhere that assert was used.
- Remove the _debug version of the tests and leave the CHECK macro so
it's always checking in the code.
Bug: 23762183
Test: Ran unit tests.
Change-Id: Ie705eedae393d0e95bb9d99f852687a11881aef1
Not only vendor libs, but also Android libs that are marked as
vendor_available are using SLOG*. Since both pure vendor libs and
Android libs available to vendors are using the same liblog headers for
VNDK, SLOG* needs to be visible via the headers.
Bug: 63088165
Test: BOARD_VNDK_VERSION=current m -j ATFWD-daemon
(or any other vendor modules using SLOG*)
Change-Id: Idfb74887a42d2418d3896bfdf5be3b4fc8e4c27f
Update the unwind_info tool to dump all of the sections.
Bug: 23762183
Test: Passes new unit tests.
Change-Id: I8b223bc208a1a2ef06ed333e6d96943c8f273681
* Update android::base::utf8::open/unlink to support Windows long
paths
* Add android::base::utf8::fopen, also with support for Windows long
paths
* Upcoming CLs will add additional APIs to support additional use cases
Test: Added tests to utf8_test
Bug: 38268753
Change-Id: If72af327f3487766f5370a2f43ee9cabd4a8a810
