Google Git
Sign in
fuchsia / third_party / android / platform / frameworks / av / 37cc2ad557828ddb849cc791f61d671411030915
commit37cc2ad557828ddb849cc791f61d671411030915[log] [tgz]
authorJeff Tinker <jtinker@google.com>Thu Apr 19 16:23:21 2018 -0700
committerandroid-build-team Robot <android-build-team-robot@google.com>Mon Jun 11 22:27:06 2018 +0000
tree20d8b7bf6173e6b46a481ee1d9c3eb614b4cf013
parentc1a3a92a68b7438355a5e3a3c62547c3f0b6adc5 [diff]
Fix security vulnerability in CryptoHal

CryptoHal was not checking that the memory heap set by setHeap
was the same one that was actually used for the decrypt call, allowing
the caller to spoof the decrypt call into accessing arbitrary memory.

bug:76221123
test: mediadrmserverpoc included in the bug & GTS media tests
Change-Id: I35214a1a6d0a4b864123e147d1a1adc2377bfbc5
Merged-in: I4ae6d1080be406bf53e3617c59c75206cc5066c6
(cherry picked from commit 9a9c3ab4d76f03f3abb3756bca9cdfe55c74326a)
2 files changed
tree: 20d8b7bf6173e6b46a481ee1d9c3eb614b4cf013
  1. camera/
  2. cmds/
  3. drm/
  4. include/
  5. media/
  6. services/
  7. soundtrigger/
  8. tools/
  9. Android.bp
  10. CleanSpec.mk
  11. MODULE_LICENSE_APACHE2
  12. NOTICE
  13. OWNERS