From 4389e262d15dc3d9ba0de819b08090bcc321a85d Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Sun, 10 Feb 2019 20:06:08 -0800 Subject: [PATCH] Set max output buffer size in Mod Mock Merge from Widevine repo of http://go/wvgerrit/72392 This adds the ability of the reference code to set the maximum output buffer size error discussed in the Recoverable Errors section of http://go/wvdelta15 Bug: http://b/120572363 Add Recoverable Errors (mod mock) Change-Id: I688caca22929e29b3548c3f7d1df5de5bd37bfa1 --- libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.cpp | 7 +++++++ libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.h | 5 +++++ 2 files changed, 12 insertions(+) diff --git a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.cpp b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.cpp index 72493d85..2c6e6b52 100644 --- a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.cpp +++ b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.cpp @@ -215,6 +215,13 @@ OEMCryptoResult CryptoEngine::SetDestination( default: return OEMCrypto_ERROR_INVALID_CONTEXT; } + size_t max_allowed = max_output_size(); + if (max_allowed > 0 && + (max_allowed < max_length || max_allowed < data_length)) { + LOGE("Output too large (or buffer too small)."); + return OEMCrypto_ERROR_OUTPUT_TOO_LARGE; + } + if (out_description->type != OEMCrypto_BufferType_Direct && max_length < data_length) { LOGE("[SetDestination(): OEMCrypto_ERROR_SHORT_BUFFER]"); diff --git a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.h b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.h index 32ab9eb6..6ad5cd2f 100644 --- a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.h +++ b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.h @@ -150,6 +150,11 @@ class CryptoEngine { // This is the same as the max subsample size, not the sample or frame size. virtual size_t max_buffer_size() { return 1024 * 100; } // 100 KiB. + // If 0 no restriction, otherwise it's the max output buffer for DecryptCENC + // and CopyBuffer. This is the same as the max frame or sample size, not the + // subsample size. + virtual size_t max_output_size() { return 0; } + virtual bool srm_update_supported() { return false; } virtual OEMCryptoResult current_srm_version(uint16_t* version) {