mirror of
https://github.com/topjohnwu/Magisk.git
synced 2024-12-25 02:17:38 +00:00
Fix UB when remote process died
If the remote process has died, `xreadlink` fails and leaves `buf` uninitialized. The daemon then calls `str_ends`, which creates a temporary `std::string_view` from the uninitialized buffer, and undefined behavior occurs.
parent
d17ed2b979
commit
e8787b5cfd
@ -320,7 +320,11 @@ static void get_process_info(int client, const sock_cred *cred) {
|
|||||||
|
|
||||||
if (should_load_modules(flags)) {
|
if (should_load_modules(flags)) {
|
||||||
char buf[256];
|
char buf[256];
|
||||||
get_exe(cred->pid, buf, sizeof(buf));
|
if (!get_exe(cred->pid, buf, sizeof(buf))) {
|
||||||
|
LOGW("zygisk: remote process %d probably died, abort\n", cred->pid);
|
||||||
|
send_fd(client, -1);
|
||||||
|
return;
|
||||||
|
}
|
||||||
vector<int> fds = get_module_fds(str_ends(buf, "64"));
|
vector<int> fds = get_module_fds(str_ends(buf, "64"));
|
||||||
send_fds(client, fds.data(), fds.size());
|
send_fds(client, fds.data(), fds.size());
|
||||||
}
|
}
|
||||||
@ -386,8 +390,11 @@ void zygisk_handler(int client, const sock_cred *cred) {
|
|||||||
send_log_pipe(client);
|
send_log_pipe(client);
|
||||||
break;
|
break;
|
||||||
case ZygiskRequest::CONNECT_COMPANION:
|
case ZygiskRequest::CONNECT_COMPANION:
|
||||||
get_exe(cred->pid, buf, sizeof(buf));
|
if (get_exe(cred->pid, buf, sizeof(buf))) {
|
||||||
connect_companion(client, str_ends(buf, "64"));
|
connect_companion(client, str_ends(buf, "64"));
|
||||||
|
} else {
|
||||||
|
LOGW("zygisk: remote process %d probably died, abort\n", cred->pid);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case ZygiskRequest::GET_MODDIR:
|
case ZygiskRequest::GET_MODDIR:
|
||||||
get_moddir(client);
|
get_moddir(client);
|
||||||
|
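Review bot: The two new failure paths answer the client differently: in `get_process_info` the branch replies with `send_fd(client, -1)` before returning, while the `CONNECT_COMPANION` branch in `zygisk_handler` only logs and breaks, so if `get_exe` can fail for any reason other than the peer having died, a live peer gets no explicit failure there. If relying on the socket being closed is intended, say so in the else branch, e.g. `// no reply: client is closed by the caller, which the peer sees as failure`; whether the caller actually closes it is outside this hunk and should be confirmed. Both call sites also depend on `get_exe` leaving `buf` NUL-terminated whenever it returns true, including when the link target is longer than the buffer, because `str_ends(buf, "64")` still builds a `std::string_view` from it. That contract is not visible here and is worth stating in a comment at `get_exe`'s declaration. Both enclosing functions start and end outside the hunks shown.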