commit 88ac54a4e8d2a63e4fd9c465e115795ace316776
author Colin Cross <ccross@android.com> Tue Jan 29 14:58:57 2013 -0800
committer Colin Cross <ccross@android.com> Mon Jun 17 12:44:35 2013 -0700
tree 76a19b1316ec538c7613ae7efa3d61dab41a7cbf
parent 9f5af635010a7ba92edf1fca543f7271cc9d75c8

init: verify size of property buffers passed to property_get

Verify that the buffer passed as the value parameter to property_get
is always big enough.

Change-Id: Ie5b6fcd94bb908215cfd55d0c9b07f717ddb70b1

init/property_service.c

diff --git a/init/property_service.c b/init/property_service.c
index 79ff6c0..846a0a3 100644
--- a/init/property_service.c
+++ b/init/property_service.c
@@ -272,7 +272,7 @@
     return 0;
 }
 
-int property_get(const char *name, char value[PROP_VALUE_MAX])
+int __property_get(const char *name, char *value)
 {
     return __system_property_get(name, value);
 }

init/property_service.h

diff --git a/init/property_service.h b/init/property_service.h
index b08c118..46cbd8f 100644
--- a/init/property_service.h
+++ b/init/property_service.h
@@ -26,9 +26,25 @@
 extern void load_persist_props(void);
 extern void start_property_service(void);
 void get_property_workspace(int *fd, int *sz);
-extern int property_get(const char *name, char value[PROP_VALUE_MAX]);
+extern int __property_get(const char *name, char *value);
 extern int property_set(const char *name, const char *value);
 extern int properties_inited();
 int get_property_set_fd(void);
 
+extern void __property_get_size_error()
+    __attribute__((__error__("property_get called with too small buffer")));
+
+static inline
+__attribute__ ((always_inline))
+__attribute__ ((gnu_inline))
+__attribute__ ((artificial))
+int property_get(const char *name, char *value)
+{
+    size_t value_len = __builtin_object_size(value, 0);
+    if (value_len != PROP_VALUE_MAX)
+        __property_get_size_error();
+
+    return __property_get(name, value);
+}
+
 #endif	/* _INIT_PROPERTY_H */