diff options
| author | Leon Scroggins <scroggo@google.com> | 2020-02-12 15:41:51 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2020-02-12 15:41:51 +0000 |
| commit | 69b9dcf528137fabb0214427457518e03cd2c682 (patch) | |
| tree | 949bd826722a429f18a2de1808947b08ba3314f7 /native | |
| parent | 9ab79433f74c3d3f670f3b036f9c35ad254ba877 (diff) | |
| parent | 2e6bedf937c7fd62a044d873422561d9b1e2e245 (diff) | |
Merge "AImageDecoder: Make create enforce int32_t dimensions"
Diffstat (limited to 'native')
| -rw-r--r-- | native/graphics/jni/imagedecoder.cpp | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/native/graphics/jni/imagedecoder.cpp b/native/graphics/jni/imagedecoder.cpp index 2e4d2140809e..d1946b085df4 100644 --- a/native/graphics/jni/imagedecoder.cpp +++ b/native/graphics/jni/imagedecoder.cpp @@ -28,6 +28,7 @@ #include <utils/Color.h> #include <fcntl.h> +#include <limits> #include <optional> #include <sys/stat.h> #include <sys/types.h> @@ -70,6 +71,14 @@ static int createFromStream(std::unique_ptr<SkStreamRewindable> stream, AImageDe return ResultToErrorCode(result); } + // AImageDecoderHeaderInfo_getWidth/Height return an int32_t. Ensure that + // the conversion is safe. + const auto& info = androidCodec->getInfo(); + if (info.width() > std::numeric_limits<int32_t>::max() + || info.height() > std::numeric_limits<int32_t>::max()) { + return ANDROID_IMAGE_DECODER_INVALID_INPUT; + } + *outDecoder = reinterpret_cast<AImageDecoder*>(new ImageDecoder(std::move(androidCodec))); return ANDROID_IMAGE_DECODER_SUCCESS; } |