Android 8.1.0 Release 79 (6560352)
-----BEGIN PGP SIGNATURE-----

iFwEABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCXyh35QAKCRDorT+BmrEO
eOqdAJ49V0Vcdo5/hT3BmHsY38OfwEi6bACUDV4GqdZImEazE2CdyzqZYjV7Gg==
=ISwP
-----END PGP SIGNATURE-----
vp8_decode_frame: fix oob read on truncated key frame -- DO NOT MERGE

the check for error correction being disabled was overriding the data
length checks. this avoids returning incorrect information (width /
height) for the decoded frame which could result in inconsistent sizes
returned in to an application causing it to read beyond the bounds of
the frame allocation.

BUG=webm:1443
BUG=b/62458770
bug: 62458770

Change-Id: I063459674e01b57c0990cb29372e0eb9a1fbf342
(cherry picked from commit 071357d86191d052f3e4d1a312d019b9a76ffb35)
4 files changed