Evolution-x/hardware_interfaces
1
0
Fork 0
mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-02 10:05:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Audio HAL: Fix UAF if the effect is removed after close

Browse Source 
Effect::close in V6 releases the underlying HAL effect.
It was not removing the effect entry from the effects
map, thus a call to Stream::removeEffect was retrieving
a stale handle.

Bug: 145656878
Test: start and stop recording for VOICE_COMMUNICATION
Change-Id: I47f486d3b6b4b0dc29acd1e3a2093e421b28d90b
This commit is contained in:
Mikhail Naganov
2019-12-04 16:18:50 -08:00
parent e7044daa5b
commit 532240f4eb
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
audio/effect/all-versions/default/Effect.cpp
View File

@@ -713,7 +713,10 @@ Return<Result> Effect::close() {
#elif MAJOR_VERSION >= 6
// No need to join the processing thread, it is part of the API contract that the client
// must finish processing before closing the effect.
return analyzeStatus("EffectRelease", "", sContextCallFunction, EffectRelease(mHandle));
Result retval =
analyzeStatus("EffectRelease", "", sContextCallFunction, EffectRelease(mHandle));
EffectMap::getInstance().remove(mHandle);
return retval;
#endif
}