Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8297258e authored by Sungtak Lee's avatar Sungtak Lee Committed by Presubmit Automerger Backend
Browse files

[automerge] C2SurfaceSyncObj: prevent OOB read in Import 2p: e3958886 

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/av/+/20758528

Bug: 240140929
Change-Id: If19fba3d4d051ee5a1ca6f9b5229afcc782b9e49
Merged-In: I7b4cd8aa3fa5b9b2160f0eba40a618b4dd536d5c
parents f4e746b0 e3958886

media/codec2/vndk/platform/C2SurfaceSyncObj.cpp

+5 −0
Original line number Diff line number Diff line
@@ -64,6 +64,11 @@ std::shared_ptr<C2SurfaceSyncMemory> C2SurfaceSyncMemory::Import( 
    }



    HandleSyncMem *o = static_cast<HandleSyncMem*>(handle);

    if (o->size() < sizeof(C2SyncVariables)) {

        android_errorWriteLog(0x534e4554, "240140929");

        return nullptr;

    }



    void *ptr = mmap(NULL, o->size(), PROT_READ | PROT_WRITE, MAP_SHARED, o->memFd(), 0);



    if (ptr == MAP_FAILED) {