[RESTRICT AUTOMERGE] Fix potential decrypt destPtr overflow. (a44d2447) · Commits · e / os / android_frameworks_av · GitLab

Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a44d2447 authored Feb 02, 2021 by Edwin Wong

[RESTRICT AUTOMERGE] Fix potential decrypt destPtr overflow.

There is a potential integer overflow to bypass the
destination base size check in decrypt. The destPtr
can then point to the outside of the destination buffer.

Test: sts-tradefed
  sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases --test android.security.sts.Bug_176444622#testPocBug_176444622

Test: push to device with target_hwasan-userdebug build
  adb shell /data/local/tmp/Bug-17644462264

Bug: 176444622
Bug: 176496353
Change-Id: I38e25c63c67b8acfa69649cc906483430da2ead6

parent eb95e3ce

Hide whitespace changes

Inline Side-by-side

Rohit Sekhar @merothh
mentioned in commit 91f4cef3
· Sep 13, 2022

mentioned in commit 91f4cef3

mentioned in commit 91f4cef31a11762d5082624bb49e2dd2306f7d17

Toggle commit list

Please register or to comment