Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8af0f82d authored by Dianne Hackborn's avatar Dianne Hackborn
Browse files

Fix a major bug in Bundle when unparcelling from AIDL. 

There was a serious problem in the Bundle(Parcel) and readFromParcel() methods,
where it wasn't doing the copying of the Parcel that Parcel.readBundle() does
and is a basic requirement for it to work correctly.

This re-arranges the code to make all of these functions (hopefully) correct.

Also fix a problem in Parcel where we were not duping fds when copying data from
one Parcel to another.
parent 454a6255

libs/utils/Parcel.cpp

+6 −2
Original line number Diff line number Diff line
@@ -409,12 +409,16 @@ status_t Parcel::appendFrom(Parcel *parcel, size_t offset, size_t len) 
            mObjects[idx++] = off;

            mObjectsSize++;



            const flat_binder_object* flat

            flat_binder_object* flat

                = reinterpret_cast<flat_binder_object*>(mData + off);

            acquire_object(proc, *flat, this);



            // take note if the object is a file descriptor

            if (flat->type == BINDER_TYPE_FD) {

                // If this is a file descriptor, we need to dup it so the

                // new Parcel now owns its own fd, and can declare that we

                // officially know we have fds.

                flat->handle = dup(flat->handle);

                flat->cookie = (void*)1;

                mHasFds = mFdsKnown = true;

            }

        }