Fix integer overflow in unsafeReadTypedVector

Passing a size to std::vector that is too big causes it to silently
under-allocate when exceptions are disabled, leaving us open to an OOB
write. We check the bounds and the resulting size now to verify
allocation succeeds.

Test: Verified reproducer attached to bug no longer crashes Camera
Bug: 31677614

Change-Id: I064b1442838032d93658f8bf63b7aa6d021c99b7
(cherry picked from commit 65a8f07e57a492289798ca709a311650b5bd5af1)
1 file changed