Google Git
Sign in
fuchsia / third_party / android / platform / frameworks / av / f0364ba28c822fb21322a8ac6cd7a2af3a5d2ec2
commitf0364ba28c822fb21322a8ac6cd7a2af3a5d2ec2[log] [tgz]
authorEdwin Wong <edwinwong@google.com>Tue Nov 26 14:40:45 2019 -0800
committerAnis Assi <anisassi@google.com>Thu Feb 06 15:18:05 2020 -0800
treebd44d2226761645428a4472a8bb62ce363e472f8
parente79a0716216edade8100dd4d6b05a69e80ce25ed [diff]
[DO NOT MERGE] Fix heap buffer overflow for releaseSecureStops.

If the input SecureStopRelease size is less than sizeof(uint32_t)
in releaseSecureStops(), an out of bound read will occur.

bug: 144766455
bug: 144746235
bug: 147281068

Test: sts
ANDROID_BUILD_TOP= ./android-sts/tools/sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases --test android.security.sts.Poc19_11#testPocBug_144766455

Change-Id: I050504c1ef4e5c41fb47ee97e98db41399288a91
(cherry picked from commit 2587ab6c7642062ea1791de1868c28b1164a073c)
1 file changed
tree: bd44d2226761645428a4472a8bb62ce363e472f8
  1. camera/
  2. cmds/
  3. drm/
  4. include/
  5. media/
  6. packages/
  7. services/
  8. soundtrigger/
  9. tools/
  10. Android.bp
  11. CleanSpec.mk
  12. MODULE_LICENSE_APACHE2
  13. NOTICE
  14. OWNERS