Fix UB when remote process died

If the remote process has died, `xreadlink` fails and leaves `buf` uninitialized. The daemon then calls `str_ends`, constructing a temporary `std::string_view` from the uninitialized buffer, and undefined behavior occurs.
canyie 2022-08-03 00:22:44 +08:00 committed by John Wu
parent d17ed2b979
commit e8787b5cfd


@ -320,7 +320,11 @@ static void get_process_info(int client, const sock_cred *cred) {
if (should_load_modules(flags)) { if (should_load_modules(flags)) {
char buf[256]; char buf[256];
get_exe(cred->pid, buf, sizeof(buf)); if (!get_exe(cred->pid, buf, sizeof(buf))) {
LOGW("zygisk: remote process %d probably died, abort\n", cred->pid);
send_fd(client, -1);
return;
}
vector<int> fds = get_module_fds(str_ends(buf, "64")); vector<int> fds = get_module_fds(str_ends(buf, "64"));
send_fds(client, fds.data(), fds.size()); send_fds(client, fds.data(), fds.size());
} }
@ -386,8 +390,11 @@ void zygisk_handler(int client, const sock_cred *cred) {
send_log_pipe(client); send_log_pipe(client);
break; break;
case ZygiskRequest::CONNECT_COMPANION: case ZygiskRequest::CONNECT_COMPANION:
get_exe(cred->pid, buf, sizeof(buf)); if (get_exe(cred->pid, buf, sizeof(buf))) {
connect_companion(client, str_ends(buf, "64")); connect_companion(client, str_ends(buf, "64"));
} else {
LOGW("zygisk: remote process %d probably died, abort\n", cred->pid);
}
break; break;
case ZygiskRequest::GET_MODDIR: case ZygiskRequest::GET_MODDIR:
get_moddir(client); get_moddir(client);
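Review bot: Both call sites now check `get_exe()`, but nothing stops a later caller from ignoring the result again, and `buf` is still declared without an initializer (`char buf[256];` in `get_process_info`; the declaration used by the `CONNECT_COMPANION` case is outside the hunk). As defence in depth I would zero-initialise it, `char buf[256] = {};`, so that a missed check yields an empty string rather than a read of indeterminate stack bytes in the root daemon. I would also mark `get_exe` `[[nodiscard]]` at its declaration, which is not shown on this page. Separately, the two failure paths differ: `get_process_info` replies with `send_fd(client, -1)` before returning, while the `CONNECT_COMPANION` branch only logs. Whether `client` is closed after the `switch` is not visible here, so please confirm that the requester gets an EOF or an explicit failure and does not block on a reply.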