Headline
CVE-2023-40131
In GpuService of GpuService.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
)]}'
{
  "commit": "0cda11569dd256ff3220b4fe44f861f8081d7116",
  "tree": "76c88564d59b51976e524a8eb2a394c269786e01",
  "parents": [
    "686a75e8cd7a20c613dca5fec9d5a7877d360bac"
  ],
  "author": {
    "name": "sergiuferentz",
    "email": "[email protected]",
    "time": "Mon Jun 26 18:01:47 2023 +0000"
  },
  "committer": {
    "name": "Android Build Coastguard Worker",
    "email": "[email protected]",
    "time": "Thu Aug 10 17:11:52 2023 +0000"
  },
  "message": "Fix for heap-use-after-free in GPUService.cpp\n\nThis adds a unit test and fix for the bug reported by libfuzzer.\nChanges made:\n * Expose GPUService as testable code.\n * Update main_gpuservice.cpp to use the new GpuService now located at\n gpuservice/GpuService.h\n * Make initializer threads members of GpuService\n * Join the threads in destructor to prevent heap-use-after-free.\n * Add unit test that waits 3 seconds after deallocation to ensure no\n wrong access is made.\n\nBug: 282919145\nTest: Added unit test and ran on device with ASAN\n(cherry picked from commit 3c00cbc0f119c3f59325aa6d5061529feb58462b)\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:7fb707802ee4c667d1ee6065ae2845d835b47aeb)\nMerged-In: I4d1d2d4658b575bf2c8f425f91f68f03114ad029\nChange-Id: I4d1d2d4658b575bf2c8f425f91f68f03114ad029\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "5b4ee21b423353b3ba8fafe8559ebe2a2e1b24e1",
      "old_mode": 33188,
      "old_path": "services/gpuservice/Android.bp",
      "new_id": "020940f04e7ce0a8c7b92180446e010336060ae4",
      "new_mode": 33188,
      "new_path": "services/gpuservice/Android.bp"
    },
    {
      "type": "modify",
      "old_id": "7b9782f4e8972debbae12326760ff70c3a61de5c",
      "old_mode": 33188,
      "old_path": "services/gpuservice/GpuService.cpp",
      "new_id": "5643940a6eb4b727eadc881e5633553425d2331b",
      "new_mode": 33188,
      "new_path": "services/gpuservice/GpuService.cpp"
    },
    {
      "type": "rename",
      "old_id": "d7313d165e3544ba2cbb05e7a8f4febc06a75a8d",
      "old_mode": 33188,
      "old_path": "services/gpuservice/GpuService.h",
      "new_id": "3e0ae66f39853ea3a9f2dbb0c8afeb1167872f83",
      "new_mode": 33188,
      "new_path": "services/gpuservice/include/gpuservice/GpuService.h",
      "score": 94
    },
    {
      "type": "modify",
      "old_id": "64aafcab6a39fbe1e63531926de29f72c8a65af9",
      "old_mode": 33188,
      "old_path": "services/gpuservice/main_gpuservice.cpp",
      "new_id": "200237219e00b261f8f8bc81ff61c428a22ba882",
      "new_mode": 33188,
      "new_path": "services/gpuservice/main_gpuservice.cpp"
    },
    {
      "type": "modify",
      "old_id": "4fb0d2e734b8f3a2c2cff8466eedafa6a2cb4c62",
      "old_mode": 33188,
      "old_path": "services/gpuservice/tests/unittests/Android.bp",
      "new_id": "808c86bcae900abf043dc27e9e4045d8163dbaf4",
      "new_mode": 33188,
      "new_path": "services/gpuservice/tests/unittests/Android.bp"
    },
    {
      "type": "add",
      "old_id": "0000000000000000000000000000000000000000",
      "old_mode": 0,
      "old_path": "/dev/null",
      "new_id": "62b3e53f5347dbff7d7bc5d2f64f6612247e46dd",
      "new_mode": 33188,
      "new_path": "services/gpuservice/tests/unittests/GpuServiceTest.cpp"
    }
  ]
}