summaryrefslogtreecommitdiffstats
path: root/biometrics
diff options
context:
space:
mode:
authorNick Desaulniers <ndesaulniers@google.com>2017-08-18 10:00:44 -0700
committerNick Desaulniers <ndesaulniers@google.com>2017-08-18 17:14:53 +0000
commite637aa32b86dec4778ac8dd934266bb3755bc773 (patch)
tree88dd5d446d008fccfcc626b78bbc4e23992ed68d /biometrics
parentb96a339f5a1a2cddacdde9b84e1e1091d265428b (diff)
downloadplatform_hardware_interfaces-e637aa32b86dec4778ac8dd934266bb3755bc773.tar.gz
platform_hardware_interfaces-e637aa32b86dec4778ac8dd934266bb3755bc773.tar.bz2
platform_hardware_interfaces-e637aa32b86dec4778ac8dd934266bb3755bc773.zip
biometrics: fingerprint: add locking to default impl
There exists the following race condition: a). thread A receives setNotify and sets the callback to some object b). thread B of the wrapped implementation calls BiometricsFingerprint::notify which it was given a handle to. Thread B executes past the nullptr check: c). thread A receives setNotify and sets the callback to some other object (or nullptr) d). thread B resumes in notify with unknown state Add mutex to protect access to mClientCallback. Change-Id: I9163204ff5802e9246056caeb2a7857e6138531c Fixes: 64802340 Test: VtsHalBiometricsFingerprintV2_1IfaceFuzzer
Diffstat (limited to 'biometrics')
-rw-r--r--biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp2
-rw-r--r--biometrics/fingerprint/2.1/default/BiometricsFingerprint.h1
2 files changed, 3 insertions, 0 deletions
diff --git a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp
index c6774ca222..f68795955a 100644
--- a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp
+++ b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp
@@ -145,6 +145,7 @@ FingerprintAcquiredInfo BiometricsFingerprint::VendorAcquiredFilter(
Return<uint64_t> BiometricsFingerprint::setNotify(
const sp<IBiometricsFingerprintClientCallback>& clientCallback) {
+ std::lock_guard<std::mutex> lock(mClientCallbackMutex);
mClientCallback = clientCallback;
// This is here because HAL 2.1 doesn't have a way to propagate a
// unique token for its driver. Subsequent versions should send a unique
@@ -259,6 +260,7 @@ fingerprint_device_t* BiometricsFingerprint::openHal() {
void BiometricsFingerprint::notify(const fingerprint_msg_t *msg) {
BiometricsFingerprint* thisPtr = static_cast<BiometricsFingerprint*>(
BiometricsFingerprint::getInstance());
+ std::lock_guard<std::mutex> lock(thisPtr->mClientCallbackMutex);
if (thisPtr == nullptr || thisPtr->mClientCallback == nullptr) {
ALOGE("Receiving callbacks before the client callback is registered.");
return;
diff --git a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.h b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.h
index 5923c849c8..6d64e3d38d 100644
--- a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.h
+++ b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.h
@@ -69,6 +69,7 @@ private:
static FingerprintAcquiredInfo VendorAcquiredFilter(int32_t error, int32_t* vendorCode);
static BiometricsFingerprint* sInstance;
+ std::mutex mClientCallbackMutex;
sp<IBiometricsFingerprintClientCallback> mClientCallback;
fingerprint_device_t *mDevice;
};