Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 746c14a7 authored by Edwin Wong's avatar Edwin Wong Committed by Android (Google) Code Review
Browse files

Merge "[RESTRICT AUTOMERGE] Fix potential decrypt destPtr overflow." into pi-dev

parents ab74ca43 a44d2447

drm/mediadrm/plugins/clearkey/hidl/CryptoPlugin.cpp

+5 −3
Original line number Diff line number Diff line
@@ -111,8 +111,10 @@ Return<void> CryptoPlugin::decrypt( 
    }



    base = static_cast<uint8_t *>(static_cast<void *>(destBase->getPointer()));



    if (destBuffer.offset + destBuffer.size > destBase->getSize()) {

    totalSize = 0;

    if (__builtin_add_overflow(destBuffer.offset, destBuffer.size, &totalSize) ||

        totalSize > destBase->getSize()) {

        android_errorWriteLog(0x534e4554, "176444622");

        _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, 0, "invalid buffer size");

        return Void();

    }