adbd: strip nulls from all service strings.
Other services are checking for exact equality, like jdwp. Test: adb jdwp Change-Id: I1081904621b111b0143a275bd9337f903fe9c111
This commit is contained in:
parent
d2bd2edf25
commit
6bd16b1d22
|
@ -359,6 +359,11 @@ void handle_packet(apacket *p, atransport *t)
|
|||
if (t->online && p->msg.arg0 != 0 && p->msg.arg1 == 0) {
|
||||
std::string_view address(p->payload.begin(), p->payload.size());
|
||||
|
||||
// Historically, we received service names as a char*, and stopped at the first NUL
|
||||
// byte. The client sent strings with null termination, which post-string_view, start
|
||||
// being interpreted as part of the string, unless we explicitly strip them.
|
||||
address = StripTrailingNulls(address);
|
||||
|
||||
asocket* s = create_local_service_socket(address, t);
|
||||
if (s == nullptr) {
|
||||
send_close(0, p->msg.arg0, t);
|
||||
|
|
|
@ -328,13 +328,6 @@ asocket* daemon_service_to_socket(std::string_view name) {
|
|||
}
|
||||
|
||||
unique_fd daemon_service_to_fd(std::string_view name, atransport* transport) {
|
||||
// Historically, we received service names as a char*, and stopped at the first NUL byte.
|
||||
// The client unintentionally sent strings with embedded NULs, which post-string_view, start
|
||||
// being interpreted as part of the string, unless we explicitly strip them.
|
||||
// Notably, shell checks that the part after "shell:" is empty to determine whether the session
|
||||
// is interactive, and {'\0'} is non-empty.
|
||||
name = StripTrailingNulls(name);
|
||||
|
||||
if (name.starts_with("dev:")) {
|
||||
name.remove_prefix(strlen("dev:"));
|
||||
return unique_fd{unix_open(name, O_RDWR | O_CLOEXEC)};
|
||||
|
|
Loading…
Reference in New Issue