Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Fixed a buffer overflow bug in DrmPassthruPlugin"

Browse Source
This commit is contained in:
James Dong
2012-03-14 10:43:18 -07:00
committed by Android (Google) Code Review
parent 2bab6b63c7 32d8fc8d6d
commit 8e3fac28a0
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
drm/libdrmframework/plugins/passthru/src/DrmPassthruPlugIn.cpp
View File

@@ -279,8 +279,14 @@ status_t DrmPassthruPlugIn::onDecrypt(int uniqueId, DecryptHandle* decryptHandle
* memory has to be allocated by the caller.
*/
if (NULL != (*decBuffer) && 0 < (*decBuffer)->length) {
memcpy((*decBuffer)->data, encBuffer->data, encBuffer->length);
(*decBuffer)->length = encBuffer->length;
if ((*decBuffer)->length >= encBuffer->length) {
memcpy((*decBuffer)->data, encBuffer->data, encBuffer->length);
(*decBuffer)->length = encBuffer->length;
} else {
ALOGE("decBuffer size (%d) too small to hold %d bytes",
(*decBuffer)->length, encBuffer->length);
return DRM_ERROR_UNKNOWN;
}
}
return DRM_NO_ERROR;
}