Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_av / 4183d539fd9528d79d2c740769d01233b19017a1
commit4183d539fd9528d79d2c740769d01233b19017a1[log] [tgz]
authorJeff Tinker <jtinker@google.com>Fri May 20 17:19:31 2016 -0700
committerJeff Tinker <jtinker@google.com>Fri May 20 17:30:03 2016 -0700
tree16cb45c31a56e8325c092d469c21d15517a54b6d
parentd5c8642dfba7e6465582701756f2c161aa14d9a3 [diff]
Fix Security Vulnerability in mediaserver

Crash on new CryptoPlugin::SubSample[].  numSubSamples
wasn't sanity checked, a malicious caller could pass
a very large number of subsamples causing the new
operator to fail which would crash the server process.
Add a sanity check to numSubSamples, which is defined
by the ISO-BMFF spec to be represented as unsigned 16
bits.

bug: 23718580
Change-Id: I36e18e60f2515289d1873640a3408c01e40a1174
1 file changed
tree: 16cb45c31a56e8325c092d469c21d15517a54b6d
  1. camera/
  2. cmds/
  3. drm/
  4. include/
  5. media/
  6. radio/
  7. services/
  8. soundtrigger/
  9. tools/
  10. CleanSpec.mk
  11. MODULE_LICENSE_APACHE2
  12. NOTICE