Commit d3c86412 authored Jun 10, 2017 by NIEJuhu Committed by Juhu Nie Jun 20, 2017

libsysutils: Fix vold vulnerability in FrameworkListener

Don't release the sender socket when FrameworkListener receives
a command that exceed the maximum buffer length

Bug: https://issuetracker.google.com/issues/62812018
Test: manual

Change-Id: I160f504f3fb902ba25fc79deb8ae7d78d811a807

parent 4c28ca1a

libsysutils/src/FrameworkListener.cpp

+1 −1

Original line number	Diff line number	Diff line
		@@ -68,7 +68,7 @@ bool FrameworkListener::onDataAvailable(SocketClient *c) {
		android_errorWriteLog(0x534e4554, "29831647");
		c->sendMsg(500, "Command too large for buffer", false);
		mSkipToNextNullByte = true;
		return false;
		return true;
		}

		int offset = 0;