From 3167625a152141abece506815fcad91553e5a623 Mon Sep 17 00:00:00 2001 From: Nathan Harold Date: Tue, 16 Jan 2018 12:08:43 -0800 Subject: [PATCH] Prevent Closure of Underlying Socket FDs The version of applyTransportModeTransform() and removeTransportModeTransform() that accepted Socket and DatagramSocket were closing the underlying FDs upon return. It's unclear whether this is due to a behavior change elsewhere in ParcelFileDescriptor, but either way, converting to using getFileDescriptor$ and then calling dup() explicitly rather than relying on ParcelFileDescriptor seems like a better idea anyway. Bug: 72047396 Test: CTS - IpSecManagerTest.testCreateTransform() Change-Id: Ia2f02564e1289f25bf113dbb861fcfd2240537a7 --- core/java/android/net/IpSecManager.java | 35 ++++--------------------- 1 file changed, 5 insertions(+), 30 deletions(-) diff --git a/core/java/android/net/IpSecManager.java b/core/java/android/net/IpSecManager.java index 67d4fcac97..2202df3baf 100644 --- a/core/java/android/net/IpSecManager.java +++ b/core/java/android/net/IpSecManager.java @@ -313,9 +313,7 @@ public final class IpSecManager { public void applyTransportModeTransform( Socket socket, int direction, IpSecTransform transform) throws IOException { - try (ParcelFileDescriptor pfd = ParcelFileDescriptor.fromSocket(socket)) { - applyTransportModeTransform(pfd, direction, transform); - } + applyTransportModeTransform(socket.getFileDescriptor$(), direction, transform); } /** @@ -347,9 +345,7 @@ public final class IpSecManager { */ public void applyTransportModeTransform( DatagramSocket socket, int direction, IpSecTransform transform) throws IOException { - try (ParcelFileDescriptor pfd = ParcelFileDescriptor.fromDatagramSocket(socket)) { - applyTransportModeTransform(pfd, direction, transform); - } + applyTransportModeTransform(socket.getFileDescriptor$(), direction, transform); } /** @@ -383,18 +379,8 @@ public final class IpSecManager { FileDescriptor socket, int direction, IpSecTransform transform) throws IOException { // We dup() the FileDescriptor here because if we don't, then the ParcelFileDescriptor() - // constructor takes control and closes the user's FD when we exit the method - // This is behaviorally the same as the other versions, but the PFD constructor does not - // dup() automatically, whereas PFD.fromSocket() and PDF.fromDatagramSocket() do dup(). + // constructor takes control and closes the user's FD when we exit the method. try (ParcelFileDescriptor pfd = ParcelFileDescriptor.dup(socket)) { - applyTransportModeTransform(pfd, direction, transform); - } - } - - /* Call down to activate a transform */ - private void applyTransportModeTransform( - ParcelFileDescriptor pfd, int direction, IpSecTransform transform) throws IOException { - try { mService.applyTransportModeTransform(pfd, direction, transform.getResourceId()); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); @@ -433,9 +419,7 @@ public final class IpSecManager { */ public void removeTransportModeTransforms(Socket socket, IpSecTransform transform) throws IOException { - try (ParcelFileDescriptor pfd = ParcelFileDescriptor.fromSocket(socket)) { - removeTransportModeTransforms(pfd, transform); - } + removeTransportModeTransforms(socket.getFileDescriptor$(), transform); } /** @@ -455,9 +439,7 @@ public final class IpSecManager { */ public void removeTransportModeTransforms(DatagramSocket socket, IpSecTransform transform) throws IOException { - try (ParcelFileDescriptor pfd = ParcelFileDescriptor.fromDatagramSocket(socket)) { - removeTransportModeTransforms(pfd, transform); - } + removeTransportModeTransforms(socket.getFileDescriptor$(), transform); } /** @@ -478,13 +460,6 @@ public final class IpSecManager { public void removeTransportModeTransforms(FileDescriptor socket, IpSecTransform transform) throws IOException { try (ParcelFileDescriptor pfd = ParcelFileDescriptor.dup(socket)) { - removeTransportModeTransforms(pfd, transform); - } - } - - /* Call down to remove a transform */ - private void removeTransportModeTransforms(ParcelFileDescriptor pfd, IpSecTransform transform) { - try { mService.removeTransportModeTransforms(pfd, transform.getResourceId()); } catch (RemoteException e) { throw e.rethrowFromSystemServer();