Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_av / 9a9c3ab4d76f03f3abb3756bca9cdfe55c74326a
commit9a9c3ab4d76f03f3abb3756bca9cdfe55c74326a[log] [tgz]
authorJeff Tinker <jtinker@google.com>Thu Apr 19 16:23:21 2018 -0700
committerJeff Tinker <jtinker@google.com>Fri May 11 16:40:17 2018 +0000
tree83e6850acd836e6da37b6eaf9fed9bb0e36eb26b
parent2b37975b8904ef25b2fd42db442e286ea1d48299 [diff]
Fix security vulnerability in CryptoHal

CryptoHal was not checking that the memory heap set by setHeap
was the same one that was actually used for the decrypt call, allowing
the caller to spoof the decrypt call into accessing arbitrary memory.

bug:76221123
test: mediadrmserverpoc included in the bug & GTS media tests
Change-Id: I35214a1a6d0a4b864123e147d1a1adc2377bfbc5
Merged-in: I4ae6d1080be406bf53e3617c59c75206cc5066c6
2 files changed
tree: 83e6850acd836e6da37b6eaf9fed9bb0e36eb26b
  1. camera/
  2. cmds/
  3. drm/
  4. include/
  5. media/
  6. radio/
  7. services/
  8. soundtrigger/
  9. tools/
  10. Android.bp
  11. CleanSpec.mk
  12. MODULE_LICENSE_APACHE2
  13. NOTICE