From e7dc50171975a310305394f0d863e8cf63946bf6 Mon Sep 17 00:00:00 2001
From: Arthur Hung <arthurhung@google.com>
Date: Wed, 20 Mar 2019 17:04:26 +0800
Subject: [PATCH] Make InputApplicationInfo as a part of InputApplicationHandle
 (2/2)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

InputWindowHandle::updateInfo would also call
InputApplicationHandle::updateInfo that may access the null pointer if the
focus application changed in same time.

- To replace allocated mInfo in updateInfo(), make it as an object
  member variable of InputApplicationHandle.

Bug: 128930899
Test: atest inputflinger_tests
Change-Id: I7494527be8ae7e76bea672c3dc33380aef07b057
---
 ...roid_hardware_input_InputApplicationHandle.cpp | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/core/jni/android_hardware_input_InputApplicationHandle.cpp b/core/jni/android_hardware_input_InputApplicationHandle.cpp
index b9301d40d4b8d..71edfd553e7ea 100644
--- a/core/jni/android_hardware_input_InputApplicationHandle.cpp
+++ b/core/jni/android_hardware_input_InputApplicationHandle.cpp
@@ -56,30 +56,25 @@ bool NativeInputApplicationHandle::updateInfo() {
     JNIEnv* env = AndroidRuntime::getJNIEnv();
     jobject obj = env->NewLocalRef(mObjWeak);
     if (!obj) {
-        releaseInfo();
         return false;
     }
 
-    if (!mInfo) {
-        mInfo = new InputApplicationInfo();
-    }
+    mInfo.name = getStringField(env, obj, gInputApplicationHandleClassInfo.name, "<null>");
 
-    mInfo->name = getStringField(env, obj, gInputApplicationHandleClassInfo.name, "<null>");
-
-    mInfo->dispatchingTimeout = env->GetLongField(obj,
+    mInfo.dispatchingTimeout = env->GetLongField(obj,
             gInputApplicationHandleClassInfo.dispatchingTimeoutNanos);
 
     jobject tokenObj = env->GetObjectField(obj,
             gInputApplicationHandleClassInfo.token);
     if (tokenObj) {
-        mInfo->token = ibinderForJavaObject(env, tokenObj);
+        mInfo.token = ibinderForJavaObject(env, tokenObj);
         env->DeleteLocalRef(tokenObj);
     } else {
-        mInfo->token.clear();
+        mInfo.token.clear();
     }
 
     env->DeleteLocalRef(obj);
-    return true;
+    return mInfo.token.get() != nullptr;
 }