Android 7.1.2 release 11
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEABECAAYFAlkHVwQACgkQ6K0/gZqxDniS0ACfVBAkmP6fI+2LqDkyOkXblTdE
zI4An02kZGjj/Zo5lHJYImC7BwedPf3Q
=i5/J
-----END PGP SIGNATURE-----
Add bounds check in SoftAACEncoder2::onQueueFilled()

Original code blindly copied some header information into the
user-supplied buffer without checking for sufficient space.
The code does check when it gets to filling the data -- it's
just the header copies that weren't checked.

Bug: 34617444
Test: ran POC before/after
Change-Id: I6e80ec90616f6cd02bb8316cd2d6e309b7e4729d
(cherry picked from commit 6231243626b8b9c57593b1f0ee417f2c4af4c0aa)
1 file changed