Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f24c8532 authored by Shashi Kumar's avatar Shashi Kumar Committed by Steve Kondik
Browse files

framework/av: Fix in MP4 extractor to avoid crash while parsing fuzzed clips. 

-Crash in MP4 extractor while parsing fuzzed clips.
-Check condition crashes when chunk index is non-standard.
-Avoid Check and return error

Change-Id: I9bd955e1f20234497991dd24726228623d8618bc
parent 3c797a9f

media/libstagefright/SampleTable.cpp

+6 −1
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2009 The Android Open Source Project

 * Copyright (c) 2012, Code Aurora Forum. All rights reserved.

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.
@@ -241,7 +242,11 @@ status_t SampleTable::setSampleToChunkParams( 
            return ERROR_IO;

        }



        CHECK(U32_AT(buffer) >= 1);  // chunk index is 1 based in the spec.

        //CHECK(U32_AT(buffer) >= 1);  // chunk index is 1 based in the spec.

        if(U32_AT(buffer) <= 0) {

            ALOGE("Non Standard Chunk index\n");

            return ERROR_MALFORMED;

        }



        // We want the chunk index to be 0-based.

        mSampleToChunkEntries[i].startChunk = U32_AT(buffer) - 1;