Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 4183d539 authored by Jeff Tinker's avatar Jeff Tinker
Browse files

Fix Security Vulnerability in mediaserver 

Crash on new CryptoPlugin::SubSample[].  numSubSamples
wasn't sanity checked, a malicious caller could pass
a very large number of subsamples causing the new
operator to fail which would crash the server process.
Add a sanity check to numSubSamples, which is defined
by the ISO-BMFF spec to be represented as unsigned 16
bits.

bug: 23718580
Change-Id: I36e18e60f2515289d1873640a3408c01e40a1174
parent d5c8642d
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment