commit | 4ec8ab47998f9660ad15061d3e39c419cf283a8e | [log] [tgz] |
---|---|---|
author | Joshua J. Drake <android-open-source@qoop.org> | Mon May 04 17:14:11 2015 -0500 |
committer | Jon Larimer <jlarimer@google.com> | Fri Jul 31 15:04:42 2015 -0400 |
tree | 9f04fc61716692d36d94d07b96a788399daf05a8 | |
parent | 1760fbf496acfbc0f808baea5461e02158b6faa5 [diff] |
Fix integer underflow in covr MPEG4 processing When the 'chunk_data_size' variable is less than 'kSkipBytesOfDataBox', an integer underflow can occur. This causes an extraordinarily large value to be passed to MetaData::setData, leading to a buffer overflow. Bug: 20923261 Change-Id: Icd28f63594ad941eabb3a12c750a4a2d5d2bf94b