widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added key_session_ guard to SelectKey.

Browse Source 
[ Merge of http://go/wvgerrit/146329 ]

A rare race condition was found where a key is selected as the session
is closed.  This results in a null pointer dereference in
CryptoSession::SelectKey().  Two additional checks have been added to
SelectKey() to prevent this from occuring.

Bug: 217749078
Test: CDM unit tests, atest GtsMediaTestCases
Change-Id: Iec390cc7d1f28ddc18a30a68bc78922ec4fdbb89
This commit is contained in:
Alex Dale
2022-02-22 17:26:47 -08:00
parent e710f8f3ba
commit 1cd85a6b79
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libwvdrmengine/cdm/core/src/crypto_session.cpp
View File

@@ -1391,7 +1391,9 @@ CdmResponseType CryptoSession::LoadCertificatePrivateKey(
// Private.
CdmResponseType CryptoSession::SelectKey(const std::string& key_id,
CdmCipherMode cipher_mode) {
RETURN_IF_NOT_OPEN(CRYPTO_SESSION_NOT_OPEN);
const OEMCryptoResult sts = WithOecSessionLock("SelectKey", [&] {
RETURN_IF_NULL(key_session_, OEMCrypto_ERROR_INVALID_SESSION);
return key_session_->SelectKey(key_id, cipher_mode);
});