widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix potential signed integer overflow in ODK

Browse Source 
PiperOrigin-RevId: 573265338
Change-Id: I33dbced572941c9646f7496e20b8d9a49bca5811
This commit is contained in:
Vicky Min
2023-10-13 11:00:43 -07:00
committed by Robert Shih
parent e0e625b3f2
commit 51c537e265
2 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
libwvdrmengine/oemcrypto/odk/src/core_message_serialize_proto.cpp
View File

@@ -167,9 +167,14 @@ bool CreateCoreLicenseResponseFromProto(const CoreMessageFeatures& features,
timer_limits.rental_duration_seconds = policy.rental_duration_seconds();
timer_limits.total_playback_duration_seconds =
policy.playback_duration_seconds();
// On devices these seconds are tracking time so should not be negative.
if (policy.renewal_delay_seconds() < 0 ||
policy.renewal_recovery_duration_seconds() < 0) {
return false;
}
timer_limits.initial_renewal_duration_seconds =
policy.renewal_delay_seconds() +
policy.renewal_recovery_duration_seconds();
static_cast<uint64_t>(policy.renewal_delay_seconds()) +
static_cast<uint64_t>(policy.renewal_recovery_duration_seconds());
parsed_lic.key_array = key_array.data();
parsed_lic.key_array_length = static_cast<uint32_t>(key_array.size());