mInternalEmulated could be used after shutdown() called
It fixes the findvolume() / reset() use-after-free issue after
shutdown called to avoid vold crash.
Fixes: a5bbb5e3c13d ("make shutdown safe for double calls.")
Change-Id: I50f216141b20da08549080291091dc5690c00ffe
Signed-off-by: Gao Xiang <gaoxiang25@huawei.com>
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index 2c39240..a6bed03 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -365,7 +365,10 @@
}
std::shared_ptr<android::vold::VolumeBase> VolumeManager::findVolume(const std::string& id) {
- if (mInternalEmulated->getId() == id) {
+ // Vold could receive "mount" after "shutdown" command in the extreme case.
+ // If this happens, mInternalEmulated will equal nullptr and
+ // we need to deal with it in order to avoid null pointer crash.
+ if (mInternalEmulated != nullptr && mInternalEmulated->getId() == id) {
return mInternalEmulated;
}
for (const auto& disk : mDisks) {
@@ -623,8 +626,10 @@
int VolumeManager::reset() {
// Tear down all existing disks/volumes and start from a blank slate so
// newly connected framework hears all events.
- mInternalEmulated->destroy();
- mInternalEmulated->create();
+ if (mInternalEmulated != nullptr) {
+ mInternalEmulated->destroy();
+ mInternalEmulated->create();
+ }
for (const auto& disk : mDisks) {
disk->destroy();
disk->create();