
Commit 52b829cb authored by Jeff Tinker's avatar Jeff Tinker Committed by Android Git Automerger

am f43125ed: Merge "Fix for security vulnerability in media server DO NOT MERGE" into klp-dev

* commit 'f43125ed':
  Fix for security vulnerability in media server DO NOT MERGE
parents 190786d3 f43125ed
+23 −1
@@ -255,7 +255,28 @@ status_t BnCrypto::onTransact(
            }

            AString errorDetailMsg;
            ssize_t result = decrypt(
            ssize_t result;

            size_t sumSubsampleSizes = 0;
            bool overflow = false;
            for (int32_t i = 0; i < numSubSamples; ++i) {
                CryptoPlugin::SubSample &ss = subSamples[i];
                if (sumSubsampleSizes <= SIZE_MAX - ss.mNumBytesOfEncryptedData) {
                    sumSubsampleSizes += ss.mNumBytesOfEncryptedData;
                } else {
                    overflow = true;
                }
                if (sumSubsampleSizes <= SIZE_MAX - ss.mNumBytesOfClearData) {
                    sumSubsampleSizes += ss.mNumBytesOfClearData;
                } else {
                    overflow = true;
                }
            }

            if (overflow || sumSubsampleSizes != totalSize) {
                result = -EINVAL;
            } else {
                result = decrypt(
                    secure,
                    key,
                    iv,
@@ -264,6 +285,7 @@ status_t BnCrypto::onTransact(
                    subSamples, numSubSamples,
                    secure ? secureBufferId : dstPtr,
                    &errorDetailMsg);
            }

            reply->writeInt32(result);
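Review bot: The size-validation block added before the `decrypt` call has no comment stating the invariant it enforces, and its `-EINVAL` branch rejects the request without leaving any trace. Above the loop I would add `// Reject unless the subsample sizes sum exactly to totalSize; the running sum is checked so it cannot wrap past SIZE_MAX.` so the reason for the check survives later refactoring. The loop also keeps accumulating after `overflow` is set; the flag is sticky, so the result is still correct, but a `break;` after each `overflow = true;` would make the intent clearer. Logging the rejection on the `-EINVAL` path would make malformed decrypt requests visible to whoever monitors the media server. The enclosing case of `BnCrypto::onTransact` starts and ends outside these hunks, so how `totalSize` and `numSubSamples` are read and bounded cannot be confirmed from here.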