Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 998b3295 authored by Dave Sparks's avatar Dave Sparks
Browse files

Fix permission hole in camera service. Some debugging code was added 

to CameraService::onTransact() method during development. Later on
the entire onTransact() method was #ifdef'd out, which inadvertently
omitted the permissions check code. This change restores the code.
parent 95608596

camera/libcameraservice/CameraService.cpp

+3 −4
Original line number Diff line number Diff line
@@ -1052,8 +1052,6 @@ status_t CameraService::dump(int fd, const Vector<String16>& args) 
}





#if DEBUG_HEAP_LEAKS



#define CHECK_INTERFACE(interface, data, reply) \

        do { if (!data.enforceInterface(interface::getInterfaceDescriptor())) { \

            LOGW("Call incorrectly routed to " #interface); \
@@ -1085,6 +1083,8 @@ status_t CameraService::onTransact( 


    status_t err = BnCameraService::onTransact(code, data, reply, flags);



#if DEBUG_HEAP_LEAKS



    LOGD("+++ onTransact err %d code %d", err, code);



    if (err == UNKNOWN_TRANSACTION || err == PERMISSION_DENIED) {
@@ -1120,9 +1120,8 @@ status_t CameraService::onTransact( 
            break;

        }

    }

#endif // DEBUG_HEAP_LEAKS

    return err;

}



#endif // DEBUG_HEAP_LEAKS



}; // namespace android

camera/libcameraservice/CameraService.h

+0 −2
Original line number Diff line number Diff line
@@ -58,10 +58,8 @@ public: 


            void            removeClient(const sp<ICameraClient>& cameraClient);



#if DEBUG_HEAP_LEAKS

    virtual status_t onTransact(

        uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags);

#endif



private: