Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit de000859 authored by Ray Essick's avatar Ray Essick
Browse files

Fix UAF in metrics summarizer code 

ASAN tools found an instance of holding a reference to a variable that
had gone out of scope, resulting in a use-after-free.
This code changes the constructs around a little and ensures that the
reference does not outlive the variable's scope.

Re-scanned other code added at the same time, but did not find any
other similar scoping issues.

Bug: 37276863
Test: boot and execute; no ASAN re-test
parent e61d0399

services/mediaanalytics/MetricsSummarizer.cpp

+2 −6
Original line number Diff line number Diff line
@@ -85,16 +85,12 @@ const char *MetricsSummarizer::getKey() { 
// should the record be given to this summarizer

bool MetricsSummarizer::isMine(MediaAnalyticsItem &item)

{

    const char *incoming = item.getKey().c_str();

    if (incoming == NULL) {

        incoming = "unspecified";

    }

    if (mKey == NULL)

        return true;

    if (strcmp(mKey, incoming) != 0) {

    AString itemKey = item.getKey();

    if (strcmp(mKey, itemKey.c_str()) != 0) {

        return false;

    }

    // since nothing failed....

    return true;

}