Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c5be8b20 authored by Marco Nelissen's avatar Marco Nelissen Committed by android-build-merger
Browse files

[automerger] Check for overflow of crypto size am: d1fd0276 am: fe8dc061... 

[automerger] Check for overflow of crypto size am: d1fd0276 am: fe8dc061 am: 1d1379f4 am: 7b432adb am: 45727778 am: 1b227ecd am: 960c43e6 am: fc842287 am: 0c6fa043
am: 5f863937

Change-Id: I3d6643feb0e11878d9c10aabbfb344a0e0efd0f8
parents 6928c0ee 5f863937

media/ndk/NdkMediaCodec.cpp

+7 −1
Original line number Diff line number Diff line
@@ -811,7 +811,13 @@ AMediaCodecCryptoInfo *AMediaCodecCryptoInfo_new( 
        size_t *encryptedbytes) {



    // size needed to store all the crypto data

    size_t cryptosize = sizeof(AMediaCodecCryptoInfo) + sizeof(size_t) * numsubsamples * 2;

    size_t cryptosize;

    // = sizeof(AMediaCodecCryptoInfo) + sizeof(size_t) * numsubsamples * 2;

    if (__builtin_mul_overflow(sizeof(size_t) * 2, numsubsamples, &cryptosize) ||

            __builtin_add_overflow(cryptosize, sizeof(AMediaCodecCryptoInfo), &cryptosize)) {

        ALOGE("crypto size overflow");

        return NULL;

    }

    AMediaCodecCryptoInfo *ret = (AMediaCodecCryptoInfo*) malloc(cryptosize);

    if (!ret) {

        ALOGE("couldn't allocate %zu bytes", cryptosize);