widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

NULL terminate device unique ID before use

Browse Source 
bug: 12228689

If the device ID returned from OEMCrypto_GetDeviceUniqueId is
not NULL terminated in the OEM code, trailing garbage characters
may be included in the license request's client_identification
field, which could be rejected by the server's utf8 parser if
they are invalid characters, causing a license request failure.

The code for CryptoSession::GetDeviceUniqueId should use the
updated id_length from OEMCrypto_GetDeviceUniqueId to adjust
the length of the *device_id string before returning the result
to the caller.

Change-Id: I659866d4234d4f21ec051590fc7bc6367904a48a
This commit is contained in:
Jeff Tinker
2013-12-19 16:05:06 -08:00
parent 78a9d5cd9a
commit 1c5ca642cb
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
libwvdrmengine/cdm/core/src/crypto_session.cpp
View File

@@ -155,6 +155,9 @@ bool CryptoSession::GetDeviceUniqueId(std::string* device_id) {
return false;
}
id.resize(id_length + 1);
id[id_length] = '\0';
*device_id = reinterpret_cast<const char*>(&id[0]);
return true;
}