Fix several ineffective integer overflow checks (e2e812e5) · Commits · e / devices / smdk4412 / android_frameworks_av

media/libstagefright/SampleTable.cpp

+3 −3

Original line number	Diff line number	Diff line
		@@ -330,7 +330,7 @@ status_t SampleTable::setTimeToSampleParams(
		}

		mTimeToSampleCount = U32_AT(&header[4]);
		uint64_t allocSize = mTimeToSampleCount * 2 * sizeof(uint32_t);
		uint64_t allocSize = mTimeToSampleCount * 2 * (uint64_t)sizeof(uint32_t);
		if (allocSize > SIZE_MAX) {
		return ERROR_OUT_OF_RANGE;
		}
		@@ -376,7 +376,7 @@ status_t SampleTable::setCompositionTimeToSampleParams(
		}

		mNumCompositionTimeDeltaEntries = numEntries;
		uint64_t allocSize = numEntries * 2 * sizeof(uint32_t);
		uint64_t allocSize = numEntries * 2 * (uint64_t)sizeof(uint32_t);
		if (allocSize > SIZE_MAX) {
		return ERROR_OUT_OF_RANGE;
		}
		@@ -426,7 +426,7 @@ status_t SampleTable::setSyncSampleParams(off64_t data_offset, size_t data_size)
		ALOGV("Table of sync samples is empty or has only a single entry!");
		}

		uint64_t allocSize = mNumSyncSamples * sizeof(uint32_t);
		uint64_t allocSize = mNumSyncSamples * (uint64_t)sizeof(uint32_t);
		if (allocSize > SIZE_MAX) {
		return ERROR_OUT_OF_RANGE;
		}