Avoid null dereference with empty BCC strings. am: ce25b9d44c

Original change: https://googleplex-android-review.googlesource.com/c/platform/vendor/widevine/+/22162393 Change-Id: I5b96ada4caece6a0bdde0fb03d2f4354e72a6e38 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-22 22:18:18 +00:00
parent 996cfd0449 ce25b9d44c
commit ce18c3222d
1 changed files with 18 additions and 13 deletions
--- a/libwvdrmengine/cdm/core/src/crypto_session.cpp
+++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp
@@ -202,6 +202,12 @@ size_t GenericEncryptionBlockSize(CdmEncryptionAlgorithm algorithm) {
  }
  return kAes128BlockSize;
 }
+
+uint8_t* MutableStringDataPointer(std::string* s) {
+  if (s == nullptr) return nullptr;
+  if (s->empty()) return nullptr;
+  return reinterpret_cast<uint8_t*>(&s->front());
+}
 }  // namespace

 // CryptoSession variables allocation.
@@ -1385,18 +1391,18 @@ CdmResponseType CryptoSession::GetBootCertificateChain(

  size_t bcc_length = 0;
  size_t additional_signature_length = 0;
-  OEMCryptoResult sts;
-  WithOecReadLock("GetBootCertificateChain Attempt 1", [&] {
-    sts = OEMCrypto_GetBootCertificateChain(nullptr, &bcc_length, nullptr,
-                                            &additional_signature_length);
-  });
+  OEMCryptoResult sts =
+      WithOecReadLock("GetBootCertificateChain Attempt 1", [&] {
+        return OEMCrypto_GetBootCertificateChain(nullptr, &bcc_length, nullptr,
+                                                 &additional_signature_length);
+      });
  if (sts == OEMCrypto_ERROR_SHORT_BUFFER) {
    bcc->resize(bcc_length);
    additional_signature->resize(additional_signature_length);
-    WithOecReadLock("GetBootCertificateChain Attempt 2", [&] {
-      sts = OEMCrypto_GetBootCertificateChain(
-          reinterpret_cast<uint8_t*>(&bcc->front()), &bcc_length,
-          reinterpret_cast<uint8_t*>(&additional_signature->front()),
+    sts = WithOecReadLock("GetBootCertificateChain Attempt 2", [&] {
+      return OEMCrypto_GetBootCertificateChain(
+          MutableStringDataPointer(bcc), &bcc_length,
+          MutableStringDataPointer(additional_signature),
          &additional_signature_length);
    });
  }
@@ -1444,11 +1450,10 @@ CdmResponseType CryptoSession::GenerateCertificateKeyPair(
  WithOecSessionLock("GenerateCertificateKeyPair Attempt 2", [&] {
    M_TIME(
        status = OEMCrypto_GenerateCertificateKeyPair(
-            oec_session_id_, reinterpret_cast<uint8_t*>(&public_key->front()),
-            &public_key_length,
-            reinterpret_cast<uint8_t*>(&public_key_signature->front()),
+            oec_session_id_, MutableStringDataPointer(public_key),
+            &public_key_length, MutableStringDataPointer(public_key_signature),
            &public_key_signature_length,
-            reinterpret_cast<uint8_t*>(&wrapped_private_key->front()),
+            MutableStringDataPointer(wrapped_private_key),
            &wrapped_private_key_length, &oemcrypto_key_type),
        metrics_, oemcrypto_generate_certificate_key_pair_, status);
  });