Android 7.1.2 Release 14 (NHG47N)
-----BEGIN PGP SIGNATURE-----

iEYEABECAAYFAlkx4L0ACgkQ6K0/gZqxDnipOACffmyJuLVomZ+r+B+CIKFOdc1b
0dEAni4bFmnv2ehAw9MtP4aJcY3oXJ2Z
=8ge3
-----END PGP SIGNATURE-----
Add bounds check in SoftAACEncoder2::onQueueFilled()

Original code blindly copied some header information into the
user-supplied buffer without checking for sufficient space.
The code does check when it gets to filling the data -- it's
just the header copies that weren't checked.

Bug: 34617444
Test: ran POC before/after
Change-Id: I6e80ec90616f6cd02bb8316cd2d6e309b7e4729d
(cherry picked from commit 6231243626b8b9c57593b1f0ee417f2c4af4c0aa)
1 file changed