Project-1CE/frameworks_av - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Edwin Wong <edwinwong@google.com>	2021-02-02 21:36:34 -0800
committer	Edwin Wong <edwinwong@google.com>	2021-02-25 17:53:57 +0000
commit	49c0fe413ceb2e0cef356d2738d63bb873845e04 (patch)
tree	9a3f013fcb9373b65ace30e33ab32a5afd15ec76 /media/libmediatranscoding/TranscodingClientManager.cpp
parent	23a3c612893597b2c1d6507ef9c94ae25f8cdcbe (diff)

Fix potential decrypt destPtr overflow.

There is a potential integer overflow to bypass the destination base size check in decrypt. The destPtr can then point to the outside of the destination buffer. Test: sts-tradefed sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases --test android.security.sts.Bug_176444622#testPocBug_176444622 Test: push to device with target_hwasan-userdebug build adb shell /data/local/tmp/Bug-17644462264 Bug: 176444622 Bug: 176496353 Change-Id: Idac48307edd45fc8282902c4beeb2c8ca94f8cf3 Merged-In: Idac48307edd45fc8282902c4beeb2c8ca94f8cf3

Diffstat (limited to 'media/libmediatranscoding/TranscodingClientManager.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: