Merge "libbinder: add hasBinders" into main am: 1a067517 am: 760f097b

    if (const auto* rpcFields = maybeRpcFields()) {

        if (binder) {

            status_t status = writeInt32(1); // non-null

            status_t status = writeInt32(RpcFields::TYPE_BINDER); // non-null

            if (status != OK) return status;

            uint64_t address;

            // TODO(b/167966510): need to undo this if the Parcel is not sent

            status = writeUint64(address);

            if (status != OK) return status;

        } else {

            status_t status = writeInt32(0); // null

            status_t status = writeInt32(RpcFields::TYPE_BINDER_NULL); // null

            if (status != OK) return status;

        }

        return finishFlattenBinder(binder);

    return kernelFields->mHasFds;

}

status_t Parcel::hasBinders(bool* result) const {

    status_t status = hasBindersInRange(0, dataSize(), result);

    ALOGE_IF(status != NO_ERROR, "Error %d calling hasBindersInRange()", status);

    return status;

}

std::vector<sp<IBinder>> Parcel::debugReadAllStrongBinders() const {

    std::vector<sp<IBinder>> ret;

    return ret;

}

status_t Parcel::hasBindersInRange(size_t offset, size_t len, bool* result) const {

    if (len > INT32_MAX || offset > INT32_MAX) {

        // Don't accept size_t values which may have come from an inadvertent conversion from a

        // negative int.

        return BAD_VALUE;

    }

    size_t limit;

    if (__builtin_add_overflow(offset, len, &limit) || limit > mDataSize) {

        return BAD_VALUE;

    }

    *result = false;

    if (const auto* kernelFields = maybeKernelFields()) {

#ifdef BINDER_WITH_KERNEL_IPC

        for (size_t i = 0; i < kernelFields->mObjectsSize; i++) {

            size_t pos = kernelFields->mObjects[i];

            if (pos < offset) continue;

            if (pos + sizeof(flat_binder_object) > offset + len) {

                if (kernelFields->mObjectsSorted) {

                    break;

                } else {

                    continue;

                }

            }

            const flat_binder_object* flat =

                    reinterpret_cast<const flat_binder_object*>(mData + pos);

            if (flat->hdr.type == BINDER_TYPE_BINDER || flat->hdr.type == BINDER_TYPE_HANDLE) {

                *result = true;

                break;

            }

        }

#else

        LOG_ALWAYS_FATAL("Binder kernel driver disabled at build time");

        return INVALID_OPERATION;

#endif // BINDER_WITH_KERNEL_IPC

    } else if (const auto* rpcFields = maybeRpcFields()) {

        return INVALID_OPERATION;

    }

    return NO_ERROR;

}

status_t Parcel::hasFileDescriptorsInRange(size_t offset, size_t len, bool* result) const {

    if (len > INT32_MAX || offset > INT32_MAX) {

        // Don't accept size_t values which may have come from an inadvertent conversion from a

    void                restoreAllowFds(bool lastValue);

    bool                hasFileDescriptors() const;

    status_t hasBinders(bool* result) const;

    status_t hasFileDescriptorsInRange(size_t offset, size_t length, bool* result) const;

    status_t hasBindersInRange(size_t offset, size_t length, bool* result) const;

    // returns all binder objects in the Parcel

    std::vector<sp<IBinder>> debugReadAllStrongBinders() const;

    void                freeDataNoInit();

    void                initState();

    void                scanForFds() const;

    status_t scanForBinders(bool* result) const;

    status_t            validateReadData(size_t len) const;

    void                updateWorkSourceRequestHeaderPosition() const;

using android::BBinder;

using android::IBinder;

using android::IPCThreadState;

using android::NO_ERROR;

using android::OK;

using android::Parcel;

using android::sp;

    ASSERT_EQ(2, p2.readInt32());

}

TEST(Parcel, HasBinders) {

    sp<IBinder> b1 = sp<BBinder>::make();

    Parcel p1;

    p1.writeInt32(1);

    p1.writeStrongBinder(b1);

    bool result = false;

    ASSERT_EQ(NO_ERROR, p1.hasBinders(&result));

    ASSERT_EQ(true, result);

    p1.setDataSize(0); // clear data

    result = false;

    ASSERT_EQ(NO_ERROR, p1.hasBinders(&result));

    ASSERT_EQ(false, result);

    p1.writeStrongBinder(b1); // reset with binder data

    result = false;

    ASSERT_EQ(NO_ERROR, p1.hasBinders(&result));

    ASSERT_EQ(true, result);

    Parcel p3;

    p3.appendFrom(&p1, 0, p1.dataSize());

    result = false;

    ASSERT_EQ(NO_ERROR, p1.hasBinders(&result));

    ASSERT_EQ(true, result);

}

TEST(Parcel, HasBindersInRange) {

    sp<IBinder> b1 = sp<BBinder>::make();

    Parcel p1;

    p1.writeStrongBinder(b1);

    bool result = false;

    ASSERT_EQ(NO_ERROR, p1.hasBindersInRange(0, p1.dataSize(), &result));

    ASSERT_EQ(true, result);

    result = false;

    ASSERT_EQ(NO_ERROR, p1.hasBinders(&result));

    ASSERT_EQ(true, result);

}

TEST(Parcel, AppendWithBinder) {

    sp<IBinder> b1 = sp<BBinder>::make();

    sp<IBinder> b2 = sp<BBinder>::make();

        status_t status = p.hasFileDescriptorsInRange(offset, length, &result);

        FUZZ_LOG() << " status: " << status  << " result: " << result;

    },

    [] (const ::android::Parcel& p, FuzzedDataProvider& /*provider*/) {

        FUZZ_LOG() << "about to call hasBinders() with status";

        bool result;

        status_t status = p.hasBinders(&result);

        FUZZ_LOG() << " status: " << status  << " result: " << result;

    },

    [] (const ::android::Parcel& p, FuzzedDataProvider& /*provider*/) {

        FUZZ_LOG() << "about to call hasBindersInRange() with status";

        size_t offset = p.readUint32();

        size_t length = p.readUint32();

        bool result;

        status_t status = p.hasBindersInRange(offset, length, &result);

        FUZZ_LOG() << " status: " << status  << " result: " << result;

    },

    [] (const ::android::Parcel& p, FuzzedDataProvider& /*provider*/) {

        FUZZ_LOG() << "about to call compareDataInRange() with status";

        size_t thisOffset = p.readUint32();