commit | b0557222319fcaf987b2f306adae8c9a12f3e97d | [log] [tgz] |
---|---|---|
author | Jean-Michel Trivi <jmtrivi@google.com> | Tue Oct 24 17:39:19 2017 -0700 |
committer | Nikoli Cartagena <dargeren@google.com> | Mon Nov 13 22:20:06 2017 -0800 |
tree | 09d34400d09b62e121fc53b54112afc996b00762 | |
parent | f73ea1a55ac01f8a1de7a3fc6bc063a3768dcb6c [diff] |
DO NOT MERGE Prevent out of bound memory access in GetInvInt In GetInvInt(int) function, malicious content can access memory outside of the invCount array. Always bound access to valid indices. Test: see bug for malicious content, decoded with "stagefright -s -a" Bug: 65025048 Change-Id: I92d4a14519f45d5a329d7f69f21f2aef0a8c6daa (cherry picked from commit 5ce724f1dda065f0e7cc4bfdd69a0bcdf31d0d98)