Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9c80c519 authored by Sungtak Lee's avatar Sungtak Lee Committed by Cherrypicker Worker
Browse files

C2SurfaceSyncObj: prevent OOB read in Import 

Prevent OOB read in C2SurfaceSyncObj::Import from libcodec2_vndk.

Bug: 240140929
Test: Manual
Change-Id: I7b4cd8aa3fa5b9b2160f0eba40a618b4dd536d5c
(cherry picked from commit 9b4f3810)
Merged-In: I7b4cd8aa3fa5b9b2160f0eba40a618b4dd536d5c
parent e7d7989a

media/codec2/vndk/platform/C2SurfaceSyncObj.cpp

+5 −0
Original line number Diff line number Diff line
@@ -64,6 +64,11 @@ std::shared_ptr<C2SurfaceSyncMemory> C2SurfaceSyncMemory::Import( 
    }



    HandleSyncMem *o = static_cast<HandleSyncMem*>(handle);

    if (o->size() < sizeof(C2SyncVariables)) {

        android_errorWriteLog(0x534e4554, "240140929");

        return nullptr;

    }



    void *ptr = mmap(NULL, o->size(), PROT_READ | PROT_WRITE, MAP_SHARED, o->memFd(), 0);



    if (ptr == MAP_FAILED) {