Add null checks in stacktrace.cc
We have seen crashes originating from derefencing nullptrs in this code,
for unknown reasons. This CL adds null checks to protect against this.
The stacktraces will be missing or truncated when this happens.
Bug: b/147338449
Change-Id: Ieb006f0f8dec4f9621e4df2e2c1a9641f086df86
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/173593
Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
Commit-Queue: Magnus Jedvert <magjed@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#31079}
diff --git a/sdk/android/native_api/stacktrace/stacktrace.cc b/sdk/android/native_api/stacktrace/stacktrace.cc
index df1ee64..6350aca 100644
--- a/sdk/android/native_api/stacktrace/stacktrace.cc
+++ b/sdk/android/native_api/stacktrace/stacktrace.cc
@@ -105,6 +105,10 @@
SignalHandlerOutputState* const output_state =
static_cast<SignalHandlerOutputState*>(unwind_output_state);
+ // Abort if output state is corrupt.
+ if (output_state == nullptr)
+ return _URC_END_OF_STACK;
+
// Avoid overflowing the stack trace array.
if (output_state->stack_size_counter >= kMaxStackSize)
return _URC_END_OF_STACK;
@@ -121,8 +125,13 @@
// This signal handler is exectued on the interrupted thread.
void SignalHandler(int signum, siginfo_t* info, void* ptr) {
- _Unwind_Backtrace(&UnwindBacktrace, g_signal_handler_output_state);
- g_signal_handler_output_state->signal_handler_finish_event.Signal();
+ // This should have been set by the thread requesting the stack trace.
+ SignalHandlerOutputState* signal_handler_output_state =
+ g_signal_handler_output_state;
+ if (signal_handler_output_state != nullptr) {
+ _Unwind_Backtrace(&UnwindBacktrace, signal_handler_output_state);
+ signal_handler_output_state->signal_handler_finish_event.Signal();
+ }
}
// Temporarily change the signal handler to a function that records a raw stack
