Gitiles
Code Review Sign In
review.blissroms.org / platform_dalvik / d53c7efac74f2c690a86871f160a0f36fbc069ef
commitd53c7efac74f2c690a86871f160a0f36fbc069ef[log] [tgz]
authorDan Bornstein <danfuzz@android.com>Fri May 13 13:55:32 2011 -0700
committerDan Bornstein <danfuzz@android.com>Tue May 17 10:19:19 2011 -0700
treeb3d6321caab1eb664641687cd6ca157f890542f0
parentcc20c55f1a752c71cd92702f64624702ca536a2e [diff]
Address CVE-2011-1090.

This adds a credentials check after connecting to the (alleged)
ADB control socket, to make sure that the other side really is
the system and not a malicious non-system process.

Since I was in the territory, I also did some minor comment
cleanup / correction (at the top of the file).

This change relies on a related change in system/core.

Change-Id: Iecbc4383cf285444f9d5a0414986951593777fa3
1 file changed
tree: b3d6321caab1eb664641687cd6ca157f890542f0
  1. dalvikvm/
  2. dexdump/
  3. dexgen/
  4. dexlist/
  5. dexopt/
  6. docs/
  7. dvz/
  8. dx/
  9. hit/
  10. libdex/
  11. libnativehelper/
  12. opcode-gen/
  13. tests/
  14. tools/
  15. unit-tests/
  16. vm/
  17. Android.mk
  18. CleanSpec.mk
  19. MODULE_LICENSE_APACHE2
  20. NOTICE
  21. README.txt