12bafe205c236da50f34ed85adf62a5631525ab6 - SHIFTPHONES/android_frameworks_native

commit	12bafe205c236da50f34ed85adf62a5631525ab6	[log] [tgz]
author	Dianne Hackborn <hackbod@google.com>	Mon Mar 21 10:36:54 2016 -0700
committer	Suprabh Shukla <suprabh@google.com>	Wed Mar 23 01:16:32 2016 +0000
tree	1d44ca8393fca2a293f15a41ae47cdb37109b750
parent	12a01ba5f4f3f8ba122dfbf689e976019f353b3d [diff]

Fix issue #27252896: Security Vulnerability -- weak binder

Sending transaction to freed BBinder through weak handle
can cause use of a (mostly) freed object.  We need to try to
safely promote to a strong reference first.

Change-Id: Ic9c6940fa824980472e94ed2dfeca52a6b0fd342
(cherry picked from commit c11146106f94e07016e8e26e4f8628f9a0c73199)

libs/binder/IPCThreadState.cpp[diff]

1 file changed

tree: 1d44ca8393fca2a293f15a41ae47cdb37109b750

build/
cmds/
data/
include/
libs/
opengl/
services/
MODULE_LICENSE_APACHE2
NOTICE