commit 8938ed2c8e906fc332301b64787728d4d34da571
author Dianne Hackborn <hackbod@google.com> Wed Sep 28 23:19:47 2011 -0400
committer Dianne Hackborn <hackbod@google.com> Mon Oct 03 16:58:41 2011 -0700
tree b24c8e54739c81b47fb33196660e056a028253c3
parent c673c036712bb113ce2670c46ca808209b9d07e6

Add mechanism for Parcel to not allow FDs to be written to it.

This is to help implement issue #5224703.

Change-Id: I026a5890495537d15b57fe61227a640aac806d46

libs/binder/Parcel.cpp

diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp
index a0fc4d0..8eeab7a 100644
--- a/libs/binder/Parcel.cpp
+++ b/libs/binder/Parcel.cpp
@@ -399,6 +399,8 @@
     mDataPos += len;
     mDataSize += len;
 
+    err = NO_ERROR;
+
     if (numObjects > 0) {
         // grow objects
         if (mObjectsCapacity < mObjectsSize + numObjects) {
@@ -430,11 +432,21 @@
                 flat->handle = dup(flat->handle);
                 flat->cookie = (void*)1;
                 mHasFds = mFdsKnown = true;
+                if (!mAllowFds) {
+                    err = FDS_NOT_ALLOWED;
+                }
             }
         }
     }
 
-    return NO_ERROR;
+    return err;
+}
+
+bool Parcel::setAllowFds(bool allowFds)
+{
+    const bool origValue = mAllowFds;
+    mAllowFds = allowFds;
+    return origValue;
 }
 
 bool Parcel::hasFileDescriptors() const
@@ -759,6 +771,9 @@
         
         // remember if it's a file descriptor
         if (val.type == BINDER_TYPE_FD) {
+            if (!mAllowFds) {
+                return FDS_NOT_ALLOWED;
+            }
             mHasFds = mFdsKnown = true;
         }
 
@@ -1283,6 +1298,7 @@
     mNextObjectHint = 0;
     mHasFds = false;
     mFdsKnown = true;
+    mAllowFds = true;
     
     return NO_ERROR;
 }
@@ -1434,6 +1450,7 @@
     mNextObjectHint = 0;
     mHasFds = false;
     mFdsKnown = true;
+    mAllowFds = true;
     mOwner = NULL;
 }