OSDN Git Service

(root) / android-x86 / frameworks-av.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f5ea1c7) | patch
Fix security vulnerability in CryptoHal
authorJeff Tinker <jtinker@google.com>
Thu, 19 Apr 2018 23:23:21 +0000 (16:23 -0700)
committerJP Sugarbroad <jpsugar@google.com>
Thu, 24 May 2018 17:45:25 +0000 (10:45 -0700)
commitfdc01250e0ffbb44a9a93e1807742e855acd766e
tree844165c83f0664d617e272184137e0bfb33b3c85tree | snapshot
parentf5ea1c7ce68251a517ef90b252b744c69283fb73commit | diff
Fix security vulnerability in CryptoHal

CryptoHal was not checking that the memory heap set by setHeap
was the same one that was actually used for the decrypt call, allowing
the caller to spoof the decrypt call into accessing arbitrary memory.

bug:76221123
test: mediadrmserverpoc included in the bug & GTS media tests
Change-Id: I35214a1a6d0a4b864123e147d1a1adc2377bfbc5
Merged-in: I4ae6d1080be406bf53e3617c59c75206cc5066c6
(cherry picked from commit 9a9c3ab4d76f03f3abb3756bca9cdfe55c74326a)
drm/libmediadrm/CryptoHal.cpp diff | blob | history
media/libmedia/include/media/CryptoHal.h diff | blob | history
frameworks/av
About OSDN
Find Software
Develop Software
Help