widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0558edfb315d1c3786fa72c14446e292f32c7d09
android/libwvdrmengine/mediacrypto/src_hidl
History
Edwin Wong 0558edfb31 [RESTRICT AUTOMERGE] Fix potential decrypt destPtr overflow. 
There is a potential integer overflow to bypass the
destination base size check in decrypt. The destPtr
can then point to the outside of the destination buffer.

Test: sts-tradefed
  sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases --test android.security.sts.Bug_176444622#testPocBug_176444622

Test: push to device with target_hwasan-userdebug build
  adb shell /data/local/tmp/Bug-17644462264

Bug: 176444622
Bug: 176496353
Change-Id: I2aa944d6db1754d10dacee05f2e06071bbb4a3cc
2021-02-02 23:31:26 -08:00
..
WVCryptoPlugin.cpp
[RESTRICT AUTOMERGE] Fix potential decrypt destPtr overflow.
2021-02-02 23:31:26 -08:00