Android 8.1.0 release 78
-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCXwOqYAAKCRDorT+BmrEO
eEdIAJ9g0mMXoBM9MsQXcMJmOQK4lmdCQgCgkco7qdoQ+Ymx5YRR0gEsOjgEJ4Y=
=jkSX
-----END PGP SIGNATURE-----
vp8_decode_frame: fix oob read on truncated key frame -- DO NOT MERGE

the check for error correction being disabled was overriding the data
length checks. this avoids returning incorrect information (width /
height) for the decoded frame which could result in inconsistent sizes
returned in to an application causing it to read beyond the bounds of
the frame allocation.

BUG=webm:1443
BUG=b/62458770
bug: 62458770

Change-Id: I063459674e01b57c0990cb29372e0eb9a1fbf342
(cherry picked from commit 071357d86191d052f3e4d1a312d019b9a76ffb35)
4 files changed