Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_av / 9ef855d02352613880d593a94dc6a1d74b363177
commit9ef855d02352613880d593a94dc6a1d74b363177[log] [tgz]
authorIvan Lozano <ivanlozano@google.com>Mon Jan 08 15:19:09 2018 -0800
committerIvan Lozano <ivanlozano@google.com>Fri Jan 12 11:07:24 2018 -0800
treebd6910a46183097e946981ceab7a02661be16c25
parent61aaab8039993c35da4c3d7f3c2825cce0a71481 [diff]
Fix overflow sanitizer in copyWithAuthor.

The array index calculation in NBLog.cpp causes a runtime error on
integer overflow sanitized builds. Although kPreviousLengthOffset is now
ssize_t, sizeof() returns size_t, which is causing kPreviousLengthOffset
to be implicitly cast to size_t, resulting in the overflow.

 runtime error: unsigned integer overflow: 27 + 4294967295 cannot be
 represented in type 'unsigned int'

This restructures the buffer index to avoid the overflow all together.

Bug: 30969751
Test: Compiles, device boots.
Change-Id: I9abb858190ecdeeaede66cf502ceb586467d5c0c
1 file changed
tree: bd6910a46183097e946981ceab7a02661be16c25
  1. camera/
  2. cmds/
  3. drm/
  4. include/
  5. media/
  6. packages/
  7. services/
  8. soundtrigger/
  9. tools/
  10. Android.bp
  11. CleanSpec.mk
  12. MODULE_LICENSE_APACHE2
  13. NOTICE
  14. OWNERS