openharmony/ability_ability_runtime
1
0
Fork 0
mirror of https://gitee.com/openharmony/ability_ability_runtime synced 2024-11-23 23:30:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

!1375 [CVSS-Fix]use WriteRemoteObject&ReadRemoteObject(app_mgr)[BugFix]Wrong request code in AbilityBehaviorAnalysis&KillProcessByAbilityToken

Browse Source 
Merge pull request !1375 from 张亚菲/zyf0326
This commit is contained in:
openharmony_ci 2022-03-26 11:32:03 +00:00 committed by Gitee
commit de0b62cd80
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
4 changed files with 134 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
interfaces/innerkits/app_manager/src/appmgr/ams_mgr_proxy.cpp
View File

@ -51,8 +51,31 @@ void AmsMgrProxy::LoadAbility(const sptr<IRemoteObject> &token, const sptr<IRemo
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(token);
data.WriteParcelable(preToken);
if (token) {
if (!data.WriteBool(true) || !data.WriteRemoteObject(token)) {
HILOG_ERROR("Failed to write flag and token");
return;
}
} else {
if (!data.WriteBool(false)) {
HILOG_ERROR("Failed to write flag");
return;
}
}
if (preToken) {
if (!data.WriteBool(true) || !data.WriteRemoteObject(preToken)) {
HILOG_ERROR("Failed to write flag and preToken");
return;
}
} else {
if (!data.WriteBool(false)) {
HILOG_ERROR("Failed to write flag");
return;
}
}
data.WriteParcelable(abilityInfo.get());
data.WriteParcelable(appInfo.get());
if (!data.WriteParcelable(want.get())) {
@ -80,7 +103,10 @@ void AmsMgrProxy::TerminateAbility(const sptr<IRemoteObject> &token)
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(token.GetRefPtr());
if (!data.WriteRemoteObject(token.GetRefPtr())) {
HILOG_ERROR("Failed to write token");
return;
}
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
HILOG_ERROR("Remote() is NULL");
@ -103,7 +129,10 @@ void AmsMgrProxy::UpdateAbilityState(const sptr<IRemoteObject> &token, const Abi
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(token.GetRefPtr());
if (!data.WriteRemoteObject(token.GetRefPtr())) {
HILOG_ERROR("Failed to write token");
return;
}
data.WriteInt32(static_cast<int32_t>(state));
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
@ -127,7 +156,10 @@ void AmsMgrProxy::UpdateExtensionState(const sptr<IRemoteObject> &token, const E
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(token.GetRefPtr());
if (!data.WriteRemoteObject(token.GetRefPtr())) {
HILOG_ERROR("Failed to write token");
return;
}
data.WriteInt32(static_cast<int32_t>(state));
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
@ -156,7 +188,19 @@ void AmsMgrProxy::RegisterAppStateCallback(const sptr<IAppStateCallback> &callba
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(callback->AsObject());
if (callback->AsObject()) {
if (!data.WriteBool(true) || !data.WriteRemoteObject(callback->AsObject())) {
HILOG_ERROR("Failed to write flag and callback");
return;
}
} else {
if (!data.WriteBool(false)) {
HILOG_ERROR("Failed to write flag");
return;
}
}
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
HILOG_ERROR("Remote() is nullptr");
@ -180,8 +224,24 @@ void AmsMgrProxy::AbilityBehaviorAnalysis(const sptr<IRemoteObject> &token, cons
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(token.GetRefPtr());
data.WriteParcelable(preToken.GetRefPtr());
if (!data.WriteRemoteObject(token.GetRefPtr())) {
HILOG_ERROR("Failed to write token");
return;
}
if (preToken) {
if (!data.WriteBool(true) || !data.WriteRemoteObject(preToken.GetRefPtr())) {
HILOG_ERROR("Failed to write flag and preToken");
return;
}
} else {
if (!data.WriteBool(false)) {
HILOG_ERROR("Failed to write flag");
return;
}
}
data.WriteInt32(static_cast<int32_t>(visibility));
data.WriteInt32(static_cast<int32_t>(perceptibility));
data.WriteInt32(static_cast<int32_t>(connectionState));
@ -191,7 +251,7 @@ void AmsMgrProxy::AbilityBehaviorAnalysis(const sptr<IRemoteObject> &token, cons
return;
}
int32_t ret =
remote->SendRequest(static_cast<uint32_t>(IAmsMgr::Message::TERMINATE_ABILITY), data, reply, option);
remote->SendRequest(static_cast<uint32_t>(IAmsMgr::Message::ABILITY_BEHAVIOR_ANALYSIS), data, reply, option);
if (ret != NO_ERROR) {
HILOG_WARN("SendRequest is failed, error code: %{public}d", ret);
}
@ -207,14 +267,17 @@ void AmsMgrProxy::KillProcessByAbilityToken(const sptr<IRemoteObject> &token)
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(token.GetRefPtr());
if (!data.WriteRemoteObject(token.GetRefPtr())) {
HILOG_ERROR("Failed to write token");
return;
}
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
HILOG_ERROR("Remote() is NULL");
return;
}
int32_t ret =
remote->SendRequest(static_cast<uint32_t>(IAmsMgr::Message::TERMINATE_ABILITY), data, reply, option);
int32_t ret = remote->SendRequest(static_cast<uint32_t>(IAmsMgr::Message::KILL_PEOCESS_BY_ABILITY_TOKEN),
data, reply, option);
if (ret != NO_ERROR) {
HILOG_WARN("SendRequest is failed, error code: %{public}d", ret);
}
@ -353,7 +416,10 @@ void AmsMgrProxy::AbilityAttachTimeOut(const sptr<IRemoteObject> &token)
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(token.GetRefPtr());
if (!data.WriteRemoteObject(token.GetRefPtr())) {
HILOG_ERROR("Failed to write token");
return;
}
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
HILOG_ERROR("Remote() is NULL");
@ -376,7 +442,10 @@ void AmsMgrProxy::PrepareTerminate(const sptr<IRemoteObject> &token)
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(token.GetRefPtr());
if (!data.WriteRemoteObject(token.GetRefPtr())) {
HILOG_ERROR("Failed to write token");
return;
}
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
HILOG_ERROR("Remote() is NULL");
@ -401,7 +470,7 @@ void AmsMgrProxy::GetRunningProcessInfoByToken(
return;
}
if (!data.WriteParcelable(token.GetRefPtr())) {
if (!data.WriteRemoteObject(token.GetRefPtr())) {
return;
}
@ -467,7 +536,10 @@ void AmsMgrProxy::RegisterStartSpecifiedAbilityResponse(const sptr<IStartSpecifi
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(response->AsObject());
if (!data.WriteRemoteObject(response->AsObject())) {
HILOG_ERROR("Failed to write remote object.");
return;
}
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {

40
interfaces/innerkits/app_manager/src/appmgr/ams_mgr_stub.cpp
View File

@ -95,8 +95,14 @@ int AmsMgrStub::OnRemoteRequest(uint32_t code, MessageParcel &data, MessageParce
ErrCode AmsMgrStub::HandleLoadAbility(MessageParcel &data, MessageParcel &reply)
{
BYTRACE(BYTRACE_TAG_APP);
sptr<IRemoteObject> token = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> preToke = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> token = nullptr;
sptr<IRemoteObject> preToke = nullptr;
if (data.ReadBool()) {
token = data.ReadRemoteObject();
}
if (data.ReadBool()) {
preToke = data.ReadRemoteObject();
}
std::shared_ptr<AbilityInfo> abilityInfo(data.ReadParcelable<AbilityInfo>());
if (!abilityInfo) {
HILOG_ERROR("ReadParcelable<AbilityInfo> failed");
@ -122,7 +128,7 @@ ErrCode AmsMgrStub::HandleLoadAbility(MessageParcel &data, MessageParcel &reply)
ErrCode AmsMgrStub::HandleTerminateAbility(MessageParcel &data, MessageParcel &reply)
{
BYTRACE(BYTRACE_TAG_APP);
sptr<IRemoteObject> token = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> token = data.ReadRemoteObject();
TerminateAbility(token);
return NO_ERROR;
}
@ -130,7 +136,7 @@ ErrCode AmsMgrStub::HandleTerminateAbility(MessageParcel &data, MessageParcel &r
ErrCode AmsMgrStub::HandleUpdateAbilityState(MessageParcel &data, MessageParcel &reply)
{
BYTRACE(BYTRACE_TAG_APP);
sptr<IRemoteObject> token = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> token = data.ReadRemoteObject();
int32_t state = data.ReadInt32();
UpdateAbilityState(token, static_cast<AbilityState>(state));
return NO_ERROR;
@ -138,7 +144,7 @@ ErrCode AmsMgrStub::HandleUpdateAbilityState(MessageParcel &data, MessageParcel
ErrCode AmsMgrStub::HandleUpdateExtensionState(MessageParcel &data, MessageParcel &reply)
{
sptr<IRemoteObject> token = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> token = data.ReadRemoteObject();
int32_t state = data.ReadInt32();
UpdateExtensionState(token, static_cast<ExtensionState>(state));
return NO_ERROR;
@ -147,8 +153,11 @@ ErrCode AmsMgrStub::HandleUpdateExtensionState(MessageParcel &data, MessageParce
ErrCode AmsMgrStub::HandleRegisterAppStateCallback(MessageParcel &data, MessageParcel &reply)
{
BYTRACE(BYTRACE_TAG_APP);
sptr<IRemoteObject> obj = data.ReadParcelable<IRemoteObject>();
sptr<IAppStateCallback> callback = iface_cast<IAppStateCallback>(obj);
sptr<IAppStateCallback> callback = nullptr;
if (data.ReadBool()) {
sptr<IRemoteObject> obj = data.ReadRemoteObject();
callback = iface_cast<IAppStateCallback>(obj);
}
RegisterAppStateCallback(callback);
return NO_ERROR;
}
@ -156,8 +165,11 @@ ErrCode AmsMgrStub::HandleRegisterAppStateCallback(MessageParcel &data, MessageP
ErrCode AmsMgrStub::HandleAbilityBehaviorAnalysis(MessageParcel &data, MessageParcel &reply)
{
BYTRACE(BYTRACE_TAG_APP);
sptr<IRemoteObject> token = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> preToke = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> token = data.ReadRemoteObject();
sptr<IRemoteObject> preToke = nullptr;
if (data.ReadBool()) {
preToke = data.ReadRemoteObject();
}
int32_t visibility = data.ReadInt32();
int32_t Perceptibility = data.ReadInt32();
int32_t connectionState = data.ReadInt32();
@ -169,7 +181,7 @@ ErrCode AmsMgrStub::HandleAbilityBehaviorAnalysis(MessageParcel &data, MessagePa
ErrCode AmsMgrStub::HandleKillProcessByAbilityToken(MessageParcel &data, MessageParcel &reply)
{
BYTRACE(BYTRACE_TAG_APP);
sptr<IRemoteObject> token = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> token = data.ReadRemoteObject();
KillProcessByAbilityToken(token);
return NO_ERROR;
@ -225,14 +237,14 @@ ErrCode AmsMgrStub::HandleKillApplicationByUid(MessageParcel &data, MessageParce
int32_t AmsMgrStub::HandleAbilityAttachTimeOut(MessageParcel &data, MessageParcel &reply)
{
BYTRACE(BYTRACE_TAG_APP);
sptr<IRemoteObject> token = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> token = data.ReadRemoteObject();
AbilityAttachTimeOut(token);
return NO_ERROR;
}
int32_t AmsMgrStub::HandlePrepareTerminate(MessageParcel &data, MessageParcel &reply)
{
sptr<IRemoteObject> token = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> token = data.ReadRemoteObject();
PrepareTerminate(token);
return NO_ERROR;
}
@ -243,7 +255,7 @@ void AmsMgrStub::UpdateExtensionState(const sptr<IRemoteObject> &token, const Ex
int32_t AmsMgrStub::HandleGetRunningProcessInfoByToken(MessageParcel &data, MessageParcel &reply)
{
RunningProcessInfo processInfo;
auto token = data.ReadParcelable<IRemoteObject>();
auto token = data.ReadRemoteObject();
GetRunningProcessInfoByToken(token, processInfo);
if (reply.WriteParcelable(&processInfo)) {
HILOG_ERROR("process info write failed.");
@ -274,7 +286,7 @@ int32_t AmsMgrStub::HandleStartSpecifiedAbility(MessageParcel &data, MessageParc
int32_t AmsMgrStub::HandleRegisterStartSpecifiedAbilityResponse(MessageParcel &data, MessageParcel &reply)
{
sptr<IRemoteObject> obj = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> obj = data.ReadRemoteObject();
sptr<IStartSpecifiedAbilityResponse> response = iface_cast<IStartSpecifiedAbilityResponse>(obj);
RegisterStartSpecifiedAbilityResponse(response);
return NO_ERROR;

20
interfaces/innerkits/app_manager/src/appmgr/app_mgr_proxy.cpp
View File

@ -43,7 +43,10 @@ void AppMgrProxy::AttachApplication(const sptr<IRemoteObject> &obj)
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(obj.GetRefPtr());
if (!data.WriteRemoteObject(obj.GetRefPtr())) {
HILOG_ERROR("Failed to write remote object");
return;
}
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
HILOG_ERROR("Remote() is NULL");
@ -162,7 +165,10 @@ void AppMgrProxy::AbilityCleaned(const sptr<IRemoteObject> &token)
if (!WriteInterfaceToken(data)) {
return;
}
data.WriteParcelable(token.GetRefPtr());
if (!data.WriteRemoteObject(token.GetRefPtr())) {
HILOG_ERROR("Failed to write token");
return;
}
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
HILOG_ERROR("Remote() is NULL");
@ -187,7 +193,7 @@ sptr<IAmsMgr> AppMgrProxy::GetAmsMgr()
if (!SendTransactCmd(IAppMgr::Message::APP_GET_MGR_INSTANCE, data, reply)) {
return nullptr;
}
sptr<IRemoteObject> object = reply.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> object = reply.ReadRemoteObject();
sptr<IAmsMgr> amsMgr = iface_cast<IAmsMgr>(object);
if (!amsMgr) {
HILOG_ERROR("ams instance is nullptr");
@ -408,7 +414,7 @@ int AppMgrProxy::RegisterApplicationStateObserver(
if (!WriteInterfaceToken(data)) {
return ERR_FLATTEN_OBJECT;
}
if (!data.WriteParcelable(observer->AsObject())) {
if (!data.WriteRemoteObject(observer->AsObject())) {
HILOG_ERROR("observer write failed.");
return ERR_FLATTEN_OBJECT;
}
@ -436,7 +442,7 @@ int AppMgrProxy::UnregisterApplicationStateObserver(
if (!WriteInterfaceToken(data)) {
return ERR_FLATTEN_OBJECT;
}
if (!data.WriteParcelable(observer->AsObject())) {
if (!data.WriteRemoteObject(observer->AsObject())) {
HILOG_ERROR("observer write failed.");
return ERR_FLATTEN_OBJECT;
}
@ -491,7 +497,7 @@ int AppMgrProxy::StartUserTestProcess(
HILOG_ERROR("want write failed.");
return ERR_FLATTEN_OBJECT;
}
if (!data.WriteParcelable(observer)) {
if (!data.WriteRemoteObject(observer)) {
HILOG_ERROR("observer write failed.");
return ERR_FLATTEN_OBJECT;
}
@ -640,7 +646,7 @@ void AppMgrProxy::AttachRenderProcess(const sptr<IRemoteObject> &renderScheduler
if (!WriteInterfaceToken(data)) {
return;
}
if (!data.WriteParcelable(renderScheduler)) {
if (!data.WriteRemoteObject(renderScheduler)) {
HILOG_ERROR("renderScheduler write failed.");
return;
}

14
interfaces/innerkits/app_manager/src/appmgr/app_mgr_stub.cpp
View File

@ -110,7 +110,7 @@ int AppMgrStub::OnRemoteRequest(uint32_t code, MessageParcel &data, MessageParce
int32_t AppMgrStub::HandleAttachApplication(MessageParcel &data, MessageParcel &reply)
{
BYTRACE(BYTRACE_TAG_APP);
sptr<IRemoteObject> client = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> client = data.ReadRemoteObject();
AttachApplication(client);
return NO_ERROR;
}
@ -149,7 +149,7 @@ int32_t AppMgrStub::HandleCheckPermission(MessageParcel &data, MessageParcel &re
int32_t AppMgrStub::HandleAbilityCleaned(MessageParcel &data, MessageParcel &reply)
{
BYTRACE(BYTRACE_TAG_APP);
sptr<IRemoteObject> token = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> token = data.ReadRemoteObject();
AbilityCleaned(token);
return NO_ERROR;
}
@ -163,7 +163,7 @@ int32_t AppMgrStub::HandleGetAmsMgr(MessageParcel &data, MessageParcel &reply)
HILOG_ERROR("abilitymgr instance is nullptr");
result = ERR_NO_INIT;
} else {
if (!reply.WriteParcelable(amsMgr->AsObject())) {
if (!reply.WriteRemoteObject(amsMgr->AsObject())) {
HILOG_ERROR("failed to reply abilitymgr instance to client, for write parcel error");
result = ERR_APPEXECFWK_PARCEL_ERROR;
}
@ -256,7 +256,7 @@ int32_t AppMgrStub::HandleStartupResidentProcess(MessageParcel &data, MessagePar
int32_t AppMgrStub::HandleRegisterApplicationStateObserver(MessageParcel &data, MessageParcel &reply)
{
auto callback = iface_cast<AppExecFwk::IApplicationStateObserver>(data.ReadParcelable<IRemoteObject>());
auto callback = iface_cast<AppExecFwk::IApplicationStateObserver>(data.ReadRemoteObject());
int32_t result = RegisterApplicationStateObserver(callback);
reply.WriteInt32(result);
return NO_ERROR;
@ -264,7 +264,7 @@ int32_t AppMgrStub::HandleRegisterApplicationStateObserver(MessageParcel &data,
int32_t AppMgrStub::HandleUnregisterApplicationStateObserver(MessageParcel &data, MessageParcel &reply)
{
auto callback = iface_cast<AppExecFwk::IApplicationStateObserver>(data.ReadParcelable<IRemoteObject>());
auto callback = iface_cast<AppExecFwk::IApplicationStateObserver>(data.ReadRemoteObject());
int32_t result = UnregisterApplicationStateObserver(callback);
reply.WriteInt32(result);
return NO_ERROR;
@ -300,7 +300,7 @@ int32_t AppMgrStub::HandleStartUserTestProcess(MessageParcel &data, MessageParce
delete want;
return ERR_INVALID_VALUE;
}
auto observer = data.ReadParcelable<IRemoteObject>();
auto observer = data.ReadRemoteObject();
int32_t userId = data.ReadInt32();
int32_t result = StartUserTestProcess(*want, observer, *bundleInfo, userId);
reply.WriteInt32(result);
@ -388,7 +388,7 @@ int32_t AppMgrStub::HandleStartRenderProcess(MessageParcel &data, MessageParcel
int32_t AppMgrStub::HandleAttachRenderProcess(MessageParcel &data, MessageParcel &reply)
{
sptr<IRemoteObject> scheduler = data.ReadParcelable<IRemoteObject>();
sptr<IRemoteObject> scheduler = data.ReadRemoteObject();
AttachRenderProcess(scheduler);
return NO_ERROR;
}