commit | 1e187b62682ffab5003c702657d6d725b4278f16 | [log] [tgz] |
---|---|---|
author | Shuzhen Wang <shuzhenwang@google.com> | Tue Feb 25 10:48:03 2020 -0800 |
committer | Shuzhen Wang <shuzhenwang@google.com> | Mon Mar 02 10:03:15 2020 -0800 |
tree | e84059f873dd8646b8fb308ca9748fc8d6825a0c | |
parent | 1a6756b78ad1c7fca57cb8521081fc01181e8f83 [diff] |
libexif: Fix unsigned integer overflow (offset + 2) itself may overflow if offset is larger than UINT_MAX-2. Refactor the code to avoid the overflow. Test: adb shell /data/fuzz/$(get_build_var TARGET_ARCH)/libexif_fuzzer/libexif_fuzzer /data/tmp/test-case Bug: 146428941 Change-Id: I2a7bb04002f166c92247f0e8abe1c5b826b29cb1