1f73a728ef4b6d7d350c0715bdb10d59e5b5f9be - platform/system/media

commit	1f73a728ef4b6d7d350c0715bdb10d59e5b5f9be	[log] [tgz]
author	Phil Burk <philburk@google.com>	Tue Mar 03 12:51:15 2020 -0800
committer	Phil Burk <philburk@google.com>	Tue May 12 13:49:28 2020 -0700
tree	499fca93f3bdfb0549e49a2fa2736e002b9bd698
parent	fb7587fe4dd9d519b60c6b56803648a1a1808995 [diff]

spdif: fix possible buffer overflow

SPDIF burst buffer could overflow if given bad data.
Check for frmsiz in header being too low.
Prevent numeric overflow in pending bytes calculation.
Prevent numeric overflow when checking for buffer overflow.

Bug: 145262423
Test: tests/spdif_tests.cpp
Change-Id: Ifc7f8c8946388e19f39f35d649a5936568f8b9b2
Merged-In: Ifc7f8c8946388e19f39f35d649a5936568f8b9b2

audio_utils/include/audio_utils/spdif/SPDIFEncoder.h[diff]
audio_utils/spdif/AC3FrameScanner.cpp[diff]
audio_utils/spdif/FrameScanner.cpp[diff]
audio_utils/spdif/SPDIFEncoder.cpp[diff]

4 files changed

tree: 499fca93f3bdfb0549e49a2fa2736e002b9bd698

alsa_utils/
audio/
audio_effects/
audio_route/
audio_utils/
camera/
private/
radio/
Android.bp
CleanSpec.mk
MODULE_LICENSE_APACHE2
NOTICE
OWNERS