24afa4eebf0b63154816f6622ee9fa5426c784de - platform/hardware/qcom/media

commit	24afa4eebf0b63154816f6622ee9fa5426c784de	[log] [tgz]
author	Praveen Chavan <pchavan@codeaurora.org>	Fri Sep 16 18:48:20 2016 -0700
committer	gitbuildkicker <android-build@google.com>	Thu Oct 27 15:19:32 2016 -0700
tree	b842976fa8908d8832742f9b184316f18b74354f
parent	51412be425ec1066acdd2b0e07796d56f0f55543 [diff]

mm-video-v4l2: vdec: Disallow input usebuffer for secure case

In secure mode, input buffer _must_ be allocated by the component to
allocate a secure buffer.
Client-supplied memory via usebuffer does not qualify as secure-memory
and must be rejected. This also avoids accidental heap-overflow while
copying bitstream from user-memory to a smaller-sized secure-payload
(usually the buffer-header itself)

Bug : 30148882
Fixes : Heap Overflow/LPE in MediaServer (libOmxVdec problem #11)

CRs-Fixed: 1071731
Change-Id: Ibbde2d6a9c1f30e8482a533cadb13e44d8dcb2c0
(cherry picked from commit 2495a6921d14854debc2a7fc1639141eb71d5c21)

msm8974/mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp[diff]
msm8996/mm-video-v4l2/vidc/vdec/src/omx_vdec_v4l2.cpp[diff]

2 files changed

tree: b842976fa8908d8832742f9b184316f18b74354f

msm8974/
msm8996/
Android.mk
CleanSpec.mk