Fix potential decrypt src pointer overflow. (c14f2628) · Commits · e / os / android_hardware_interfaces · GitLab

Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c14f2628 authored Jan 26, 2021 by Edwin Wong

Fix potential decrypt src pointer overflow.

There is a potential integer overflow to bypass the
source base size check in decrypt. The source pointer
can then point to the outside of the source buffer,
which could potentially leak arbitrary memory content
to destination pointer.

Test: sts-tradefed
  sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases --test android.security.sts.Bug_176496160#testPocBug_176496160

Test: push to device with target_hwasan-userdebug build
  adb shell /data/local/tmp/Bug-17649616064

Bug: 176496160
Bug: 176444786
Change-Id: I811a6f60948bde2a72906c2c6172fd7bc5feb6d9

parent d1a977b7

Hide whitespace changes

Inline Side-by-side

Rohit Sekhar @merothh
mentioned in commit 58a2dc23
· Sep 25, 2023

mentioned in commit 58a2dc23

mentioned in commit 58a2dc23bb3585dacc5470575483e0c6a613dd62

Toggle commit list
Rohit Sekhar @merothh
mentioned in commit 27c01f36
· Sep 25, 2023

mentioned in commit 27c01f36

mentioned in commit 27c01f362a8d1fd8eda6a28273e1effa714b3b66

Toggle commit list
Rohit Sekhar @merothh
mentioned in commit 47f90cb5
· Sep 25, 2023

mentioned in commit 47f90cb5

mentioned in commit 47f90cb5e5c5f3da717bc5acd67dd02e1d3608d3

Toggle commit list

Please register or to comment