Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit c87faed6 authored by Joshua J. Drake's avatar Joshua J. Drake Committed by Nick Kralevich
Browse files

Fix integer underflow in covr MPEG4 processing 

When the 'chunk_data_size' variable is less than 'kSkipBytesOfDataBox', an
integer underflow can occur. This causes an extraordinarily large value to
be passed to MetaData::setData, leading to a buffer overflow.

Bug: 20923261
(cherry picked from commit 4a492bf2)

Change-Id: I83490cbaf5b368073fcd8668a9241dfc90bebd90
parent f1ce97dd
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment