diff --git a/window_scene/session_manager/src/zidl/scene_session_manager_lite_stub.cpp b/window_scene/session_manager/src/zidl/scene_session_manager_lite_stub.cpp index 05b5734be8..e8164de63e 100644 --- a/window_scene/session_manager/src/zidl/scene_session_manager_lite_stub.cpp +++ b/window_scene/session_manager/src/zidl/scene_session_manager_lite_stub.cpp @@ -525,8 +525,14 @@ int SceneSessionManagerLiteStub::HandleCheckWindowId(MessageParcel& data, Messag int SceneSessionManagerLiteStub::HandleRegisterWindowManagerAgent(MessageParcel& data, MessageParcel& reply) { - auto type = static_cast(data.ReadUint32()); - WLOGFI("run HandleRegisterWindowManagerAgent!, type=%{public}u", static_cast(type)); + uint32_t typeId = 0; + if (!data.ReadUint32(typeId) || + typeId < static_cast(WindowManagerAgentType::WINDOW_MANAGER_AGENT_TYPE_FOCUS) || + typeId >= static_cast(WindowManagerAgentType::WINDOW_MANAGER_AGENT_TYPE_END)) { + return ERR_INVALID_DATA; + } + WindowManagerAgentType type = static_cast(typeId); + WLOGFI("run HandleRegisterWindowManagerAgent!, type=%{public}u", typeId); sptr windowManagerAgentObject = data.ReadRemoteObject(); sptr windowManagerAgentProxy = iface_cast(windowManagerAgentObject); @@ -537,8 +543,14 @@ int SceneSessionManagerLiteStub::HandleRegisterWindowManagerAgent(MessageParcel& int SceneSessionManagerLiteStub::HandleUnregisterWindowManagerAgent(MessageParcel& data, MessageParcel& reply) { - auto type = static_cast(data.ReadUint32()); - WLOGFI("run HandleUnregisterWindowManagerAgent!, type=%{public}u", static_cast(type)); + uint32_t typeId = 0; + if (!data.ReadUint32(typeId) || + typeId < static_cast(WindowManagerAgentType::WINDOW_MANAGER_AGENT_TYPE_FOCUS) || + typeId >= static_cast(WindowManagerAgentType::WINDOW_MANAGER_AGENT_TYPE_END)) { + return ERR_INVALID_DATA; + } + WindowManagerAgentType type = static_cast(typeId); + WLOGFI("run HandleUnregisterWindowManagerAgent!, type=%{public}u", typeId); sptr windowManagerAgentObject = data.ReadRemoteObject(); sptr windowManagerAgentProxy = iface_cast(windowManagerAgentObject); diff --git a/window_scene/session_manager/src/zidl/scene_session_manager_stub.cpp b/window_scene/session_manager/src/zidl/scene_session_manager_stub.cpp index ad982353f8..f68a9bae3d 100644 --- a/window_scene/session_manager/src/zidl/scene_session_manager_stub.cpp +++ b/window_scene/session_manager/src/zidl/scene_session_manager_stub.cpp @@ -361,8 +361,14 @@ int SceneSessionManagerStub::HandleRequestFocusStatus(MessageParcel& data, Messa int SceneSessionManagerStub::HandleRegisterWindowManagerAgent(MessageParcel& data, MessageParcel& reply) { - auto type = static_cast(data.ReadUint32()); - WLOGFI("run HandleRegisterWindowManagerAgent!, type=%{public}u", static_cast(type)); + uint32_t typeId = 0; + if (!data.ReadUint32(typeId) || + typeId < static_cast(WindowManagerAgentType::WINDOW_MANAGER_AGENT_TYPE_FOCUS) || + typeId >= static_cast(WindowManagerAgentType::WINDOW_MANAGER_AGENT_TYPE_END)) { + return ERR_INVALID_DATA; + } + WindowManagerAgentType type = static_cast(typeId); + WLOGFI("run HandleRegisterWindowManagerAgent!, type=%{public}u", typeId); sptr windowManagerAgentObject = data.ReadRemoteObject(); sptr windowManagerAgentProxy = iface_cast(windowManagerAgentObject); @@ -373,8 +379,14 @@ int SceneSessionManagerStub::HandleRegisterWindowManagerAgent(MessageParcel& dat int SceneSessionManagerStub::HandleUnregisterWindowManagerAgent(MessageParcel& data, MessageParcel& reply) { - auto type = static_cast(data.ReadUint32()); - WLOGFI("run HandleUnregisterWindowManagerAgent!, type=%{public}u", static_cast(type)); + uint32_t typeId = 0; + if (!data.ReadUint32(typeId) || + typeId < static_cast(WindowManagerAgentType::WINDOW_MANAGER_AGENT_TYPE_FOCUS) || + typeId >= static_cast(WindowManagerAgentType::WINDOW_MANAGER_AGENT_TYPE_END)) { + return ERR_INVALID_DATA; + } + WindowManagerAgentType type = static_cast(typeId); + WLOGFI("run HandleUnregisterWindowManagerAgent!, type=%{public}u", typeId); sptr windowManagerAgentObject = data.ReadRemoteObject(); sptr windowManagerAgentProxy = iface_cast(windowManagerAgentObject); @@ -787,7 +799,11 @@ int SceneSessionManagerStub::HandleGetUIContentRemoteObj(MessageParcel& data, Me int SceneSessionManagerStub::HandleBindDialogTarget(MessageParcel& data, MessageParcel& reply) { WLOGFI("run HandleBindDialogTarget!"); - uint64_t persistentId = data.ReadUint64(); + uint64_t persistentId = 0; + if (!data.ReadUint64(persistentId)) { + TLOGE(WmsLogTag::WMS_LIFE, "Read persistentId failed"); + return ERR_TRANSACTION_FAILED; + } sptr remoteObject = data.ReadRemoteObject(); WSError ret = BindDialogSessionTarget(persistentId, remoteObject); reply.WriteUint32(static_cast(ret)); diff --git a/wmserver/src/zidl/window_manager_stub.cpp b/wmserver/src/zidl/window_manager_stub.cpp index d3500fc0f1..74d3e50a68 100644 --- a/wmserver/src/zidl/window_manager_stub.cpp +++ b/wmserver/src/zidl/window_manager_stub.cpp @@ -369,7 +369,11 @@ int32_t WindowManagerStub::OnRemoteRequest(uint32_t code, MessageParcel& data, M break; } case WindowManagerMessage::TRANS_ID_BIND_DIALOG_TARGET: { - uint32_t windowId = data.ReadUint32(); + uint32_t windowId = 0; + if (!data.ReadUint32(windowId)) { + TLOGE(WmsLogTag::DEFAULT, "Failed to readInt32 windowId"); + return ERR_INVALID_DATA; + } sptr targetToken = data.ReadRemoteObject(); if (targetToken == nullptr) { TLOGE(WmsLogTag::WMS_DIALOG, "Read targetToken object failed!");