diff options
author | Ryan Mitchell <rtmitchell@google.com> | 2018-05-30 12:17:01 -0700 |
---|---|---|
committer | Ryan Mitchell <rtmitchell@google.com> | 2018-06-06 17:12:01 +0000 |
commit | 8cf0f988b0c64bcf2c199bb76439c51c257dd162 (patch) | |
tree | c4cd04cf8e6ffb10bcf9cdb64671d4e0cfbd4a51 /docs/html/sdk/api_diff/20/changes | |
parent | 857326e3731939f6ec7979e1d86585bf0ea484f4 (diff) |
Fix DynamicRefTable::load security bug
DynamicRefTables parsed from apks are missing bounds checks that prevent
buffer overflows. This changes verifies the bounds of the header before
attempting to preform operations on the chunk.
Bug: 79488511
Test: run cts -m CtsAppSecurityHostTestCases \
-t android.appsecurity.cts.CorruptApkTests
Change-Id: I02c8ad957da244fce777ac68a482e4e8fa70f846
Merged-In: I02c8ad957da244fce777ac68a482e4e8fa70f846
Diffstat (limited to 'docs/html/sdk/api_diff/20/changes')
0 files changed, 0 insertions, 0 deletions