Better buffer-overrun prevention
fixes end-of-buffer detection. Adds buffer-was-empty detection.
Bug: 204445255
Test: ran poc from bug
Change-Id: I42117ce1455d1cac2bd43f16d67d77ec436b0fe2
(cherry picked from commit b51ed962d5186b68f883540e557894e881a8272d)
(cherry picked from commit 190e90959f3c34781c5276d50a5ee561c438db09)
Merged-In:I42117ce1455d1cac2bd43f16d67d77ec436b0fe2
diff --git a/media/libmediametrics/include/media/MediaMetricsItem.h b/media/libmediametrics/include/media/MediaMetricsItem.h
index 428992c..d69f78e 100644
--- a/media/libmediametrics/include/media/MediaMetricsItem.h
+++ b/media/libmediametrics/include/media/MediaMetricsItem.h
@@ -469,16 +469,15 @@
template <> // static
status_t extract(std::string *val, const char **bufferpptr, const char *bufferptrmax) {
const char *ptr = *bufferpptr;
- while (*ptr != 0) {
+ do {
if (ptr >= bufferptrmax) {
ALOGE("%s: buffer exceeded", __func__);
return BAD_VALUE;
}
- ++ptr;
- }
- const size_t size = (ptr - *bufferpptr) + 1;
+ } while (*ptr++ != 0);
+ // ptr is terminator+1, == bufferptrmax if we finished entire buffer
*val = *bufferpptr;
- *bufferpptr += size;
+ *bufferpptr = ptr;
return NO_ERROR;
}
template <> // static