commit | 47efc676c849e3abf32001d66e2d6eb887e83c48 | [log] [tgz] |
---|---|---|
author | Adam Vartanian <flooey@google.com> | Mon Aug 14 15:51:29 2017 +0100 |
committer | Adam Vartanian <flooey@google.com> | Thu Sep 07 10:36:19 2017 +0100 |
tree | ed39557debb04047f94a4e475dbbb06a639bdf57 | |
parent | 3a66fd2174aa4ec3b98efe807075c7413c39ce0d [diff] |
Fix integer overflow in utf{16,32}_to_utf8_length Without an explicit check, the return value can wrap around and return a value that is far too small to hold the data from the resulting conversion. No CTS test is provided because it would need to allocate at least SSIZE_MAX / 2 bytes of UTF-16 data, which is unreasonable on 64-bit devices. Bug: 37723026 Test: run cts -p android.security Change-Id: I56ba5e31657633b7f33685dd8839d4b3b998e586