Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 18fae753 authored by Colin Cross's avatar Colin Cross
Browse files

crash if getNativeBuffer() called on NULL GraphicBuffer 

If getNativeBuffer() is called on a NULL GraphicBuffer the
static_cast of this from GraphicBuffer* to ANativeWindowBuffer*
will return a small pointer like (ANativeWindowBuffer*)0x10.
This value can propagate past NULL checks until it causes a crash
far away from the original NULL pointer.  Crash immediately
instead.

Change-Id: Id614b9eb1484108b3c3c733545309844c4b87532
parent 78014f32

libs/ui/GraphicBuffer.cpp

+1 −0
Original line number Diff line number Diff line
@@ -126,6 +126,7 @@ void GraphicBuffer::dumpAllocationsToSystemLog() 


ANativeWindowBuffer* GraphicBuffer::getNativeBuffer() const

{

    LOG_ALWAYS_FATAL_IF(this == NULL, "getNativeBuffer() called on NULL GraphicBuffer");

    return static_cast<ANativeWindowBuffer*>(

            const_cast<GraphicBuffer*>(this));

}