a59b827869a2ea04022dd225007f29af8d61837a - platform/frameworks/native

commit	a59b827869a2ea04022dd225007f29af8d61837a	[log] [tgz]
author	Dianne Hackborn <[email protected]>	Mon Mar 21 10:36:54 2016 -0700
committer	The Android Automerger <[email protected]>	Fri Mar 25 17:47:54 2016 -0700
tree	f73b2b42a583950af1e873fe175141ed4f3a5a7f
parent	a30d7d90c4f718e46fb41a99b3d52800e1011b73 [diff]

Fix issue #27252896: Security Vulnerability -- weak binder

Sending transaction to freed BBinder through weak handle
can cause use of a (mostly) freed object.  We need to try to
safely promote to a strong reference first.

Change-Id: Ic9c6940fa824980472e94ed2dfeca52a6b0fd342
(cherry picked from commit c11146106f94e07016e8e26e4f8628f9a0c73199)

libs/binder/IPCThreadState.cpp[diff]

1 file changed

tree: f73b2b42a583950af1e873fe175141ed4f3a5a7f

build/
cmds/
data/
docs/
include/
libs/
opengl/
services/
MODULE_LICENSE_APACHE2
NOTICE