Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit f0364ba2 authored by Edwin Wong's avatar Edwin Wong Committed by Anis Assi
Browse files

[DO NOT MERGE] Fix heap buffer overflow for releaseSecureStops. 

If the input SecureStopRelease size is less than sizeof(uint32_t)
in releaseSecureStops(), an out of bound read will occur.

bug: 144766455
bug: 144746235
bug: 147281068

Test: sts
ANDROID_BUILD_TOP= ./android-sts/tools/sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases --test android.security.sts.Poc19_11#testPocBug_144766455

Change-Id: I050504c1ef4e5c41fb47ee97e98db41399288a91
(cherry picked from commit 2587ab6c)
parent e79a0716
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment