| commit | f4a88c8ed4f8186b3d6e2852993e063fc33ff231 | [log] [tgz] |
|---|---|---|
| author | Joshua J. Drake <android-open-source@qoop.org> | Mon May 04 17:14:11 2015 -0500 |
| committer | The Android Automerger <android-build@google.com> | Thu Jul 09 14:03:00 2015 -0700 |
| tree | cc62d67d586327578eae760574d93ccab2377a46 | |
| parent | 3cb1b6944e776863aea316e25fdc16d7f9962902 [diff] |
Fix integer underflow in covr MPEG4 processing When the 'chunk_data_size' variable is less than 'kSkipBytesOfDataBox', an integer underflow can occur. This causes an extraordinarily large value to be passed to MetaData::setData, leading to a buffer overflow. Bug: 20923261 Change-Id: Icd28f63594ad941eabb3a12c750a4a2d5d2bf94b