Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_av / c87faed60483afb2466e03892bda80b72e5822c7
commitc87faed60483afb2466e03892bda80b72e5822c7[log] [tgz]
authorJoshua J. Drake <android-open-source@qoop.org>Mon May 04 17:14:11 2015 -0500
committerNick Kralevich <nnk@google.com>Tue Aug 04 13:58:23 2015 -0700
treeace05d3b571e33ebb187497647db39c797f8c62c
parentf1ce97ddc2f82d844a6fb8341585eb7b2e655f44 [diff]
Fix integer underflow in covr MPEG4 processing

When the 'chunk_data_size' variable is less than 'kSkipBytesOfDataBox', an
integer underflow can occur. This causes an extraordinarily large value to
be passed to MetaData::setData, leading to a buffer overflow.

Bug: 20923261
(cherry picked from commit 4a492bf2ac47b9844d2527e1fcdf0064c3d8d52e)

Change-Id: I83490cbaf5b368073fcd8668a9241dfc90bebd90
1 file changed
tree: ace05d3b571e33ebb187497647db39c797f8c62c
  1. camera/
  2. cmds/
  3. drm/
  4. include/
  5. libvideoeditor/
  6. media/
  7. services/
  8. MODULE_LICENSE_APACHE2
  9. NOTICE