mirror of
https://github.com/Evolution-X-Devices/device_google_wahoo
synced 2026-01-28 13:18:23 +00:00
It is possible for sensor handles retrieved using ASensorManager_getDefaultSensor() to become stale if the underlying binder connection to the sensor service gets reset. This can be triggered by ASensorManager_createEventQueue(), so any sensor handle retrieved prior to this call may become stale, resulting in a use-after-free when the handle is eventually registered with the queue. To avoid this, the event queue is created before retrieving or registering the sensor.

Bug: 150225255
Test: No longer crashes with proof-of-concept on Pixel 2 XL.
Change-Id: I243f6c68c734af3eb5488855d965a894b5fb99e5