OSDN Git Service
Roger1 Jonsson [Wed, 5 Apr 2017 23:10:38 +0000 (23:10 +0000)]
Avoid crash for stss sync sample number 0 am:
5c364997a3 am:
e77a32bd3d am:
ab28d49e41 -s ours
am:
73db408aa3
Change-Id: Ibe55680e73e9caddc3fc79883fa17a50742f393d
Roger1 Jonsson [Wed, 5 Apr 2017 23:07:37 +0000 (23:07 +0000)]
Avoid crash for stss sync sample number 0 am:
5c364997a3 am:
e77a32bd3d
am:
ab28d49e41 -s ours
Change-Id: I63e6f4ea65dda85e5d779f6aaf1fbd4ca5806f8c
Roger1 Jonsson [Wed, 5 Apr 2017 22:52:35 +0000 (22:52 +0000)]
Avoid crash for stss sync sample number 0 am:
5c364997a3
am:
e77a32bd3d
Change-Id: If61ba19bc937c6b7c7227296ddba5a1797072f9d
Roger1 Jonsson [Wed, 5 Apr 2017 22:49:34 +0000 (22:49 +0000)]
Avoid crash for stss sync sample number 0
am:
5c364997a3
Change-Id: Ia97daf543c65b52db1c5d09471ed8d00a434364d
Roger1 Jonsson [Wed, 26 Oct 2016 07:20:00 +0000 (09:20 +0200)]
Avoid crash for stss sync sample number 0
A sample number value of 0 means that the value stored in
the mSyncSamples array, would become negative (-1),
when converted to index value. This causes a crash.
Make sure that stss sample numbers are bigger
than 0 before converting sample number to index value.
Bug:
32423862
bug:
35645051
Test: Playback video that triggers stss sync sample number 0
Change-Id: I35bee7c718e01b086d7e05deda13b38083f509f5
Robert Shih [Tue, 14 Mar 2017 23:58:59 +0000 (23:58 +0000)]
DO NOT MERGE FLACExtractor: copy protect mWriteBuffer am:
13c77f4fe0 am:
761abda1bd am:
aca26c9d45 -s ours
am:
1e4d8d67bc -s ours
Change-Id: Iab0b678707ea31ad02f0f9be5f02f5638c601826
Robert Shih [Tue, 14 Mar 2017 23:55:10 +0000 (23:55 +0000)]
FLACExtractor: copy protect mWriteBuffer
am:
8ee699977c
Change-Id: Icdfd99c85fb0f76cc607f8bb29430913cf72bad1
Robert Shih [Tue, 14 Mar 2017 23:54:28 +0000 (23:54 +0000)]
DO NOT MERGE FLACExtractor: copy protect mWriteBuffer am:
13c77f4fe0 am:
761abda1bd
am:
aca26c9d45 -s ours
Change-Id: Id436554a36de729ccd7a3220e32e155c423d0531
Robert Shih [Tue, 14 Mar 2017 23:49:57 +0000 (23:49 +0000)]
DO NOT MERGE FLACExtractor: copy protect mWriteBuffer am:
13c77f4fe0
am:
761abda1bd
Change-Id: I30bf5233b69619d260edb952248865adf5c55c83
Robert Shih [Tue, 14 Mar 2017 23:45:27 +0000 (23:45 +0000)]
DO NOT MERGE FLACExtractor: copy protect mWriteBuffer
am:
13c77f4fe0
Change-Id: Ib7f8b77b3ba27fcd8e61e540eb39259cb287185c
Robert Shih [Mon, 24 Oct 2016 18:38:31 +0000 (11:38 -0700)]
FLACExtractor: copy protect mWriteBuffer
Bug:
30895578
Bug:
34970788
Change-Id: I4cba36bbe3502678210e5925181683df9726b431
(cherry picked from commit
328cd66cc72ba7bc5452ed5a93f29ddcd73aa9f9)
Robert Shih [Mon, 24 Oct 2016 18:38:31 +0000 (11:38 -0700)]
DO NOT MERGE FLACExtractor: copy protect mWriteBuffer
Bug:
30895578
Bug:
34970788
Change-Id: I4cba36bbe3502678210e5925181683df9726b431
Ray Essick [Mon, 13 Mar 2017 22:57:12 +0000 (22:57 +0000)]
Merge "Add bounds check in SoftAACEncoder2::onQueueFilled()" into klp-dev am:
19b91af752 am:
8e3cf4d841 am:
5b1bfc1f43
am:
8abf11b512
Change-Id: I1cdf8344d8ca41cf5c4b6622ec743bb094c3dff0
Ray Essick [Mon, 13 Mar 2017 22:56:57 +0000 (22:56 +0000)]
Merge "Fix TOCTOU problem in libstagefright_soft_aacenc" into klp-dev am:
2076915c5f am:
dcda2ec2fe am:
f5c7784dbd
am:
c3de266a99
Change-Id: I38701178a3fd7632fc8717472338d60d4cb0de2e
Ray Essick [Mon, 13 Mar 2017 22:52:42 +0000 (22:52 +0000)]
Merge "Add bounds check in SoftAACEncoder2::onQueueFilled()" into klp-dev am:
19b91af752 am:
8e3cf4d841
am:
5b1bfc1f43
Change-Id: I32327162d3e69259656f0b3a82800f45572527fd
Ray Essick [Mon, 13 Mar 2017 22:52:28 +0000 (22:52 +0000)]
Merge "Fix TOCTOU problem in libstagefright_soft_aacenc" into klp-dev am:
2076915c5f am:
dcda2ec2fe
am:
f5c7784dbd
Change-Id: Ic1901b3fa14a1e1c7f582e5b7862e777489e7314
Marco Nelissen [Mon, 13 Mar 2017 22:48:27 +0000 (22:48 +0000)]
Merge "Fix integer overflow and divide-by-zero" into klp-dev am:
b264ece2c0 am:
bbca2719c6 am:
c2e69851ea
am:
3285770d37
Change-Id: Id82c89fed96d3cfa11d68ba5d791d5a360aa243c
Marco Nelissen [Mon, 13 Mar 2017 22:48:12 +0000 (22:48 +0000)]
Merge "Fix NPDs in h263 decoder" into klp-dev am:
012e5fd39e am:
9e8dfb5938 am:
9e4a0e1fab
am:
3c4401fce8
Change-Id: Ib6bd99193a44fbd801906d234c42b3fa3d33fb9a
Ray Essick [Mon, 13 Mar 2017 22:48:10 +0000 (22:48 +0000)]
Merge "Add bounds check in SoftAACEncoder2::onQueueFilled()" into klp-dev am:
19b91af752
am:
8e3cf4d841
Change-Id: I804c61a21202d3c5aef3edac5872f56cef67753b
Marco Nelissen [Mon, 13 Mar 2017 22:47:58 +0000 (22:47 +0000)]
Merge "Fix out of bounds access" into klp-dev am:
360cbbd72c am:
f71b76cae8 am:
36c2e14da3
am:
8a3cc1963e
Change-Id: I72dd260e2ee0f9560c9322c3aaf7b93c8008607e
Ray Essick [Mon, 13 Mar 2017 22:47:56 +0000 (22:47 +0000)]
Merge "Fix TOCTOU problem in libstagefright_soft_aacenc" into klp-dev am:
2076915c5f
am:
dcda2ec2fe
Change-Id: I6759f0d478dd70baf59c3e006cb904d26793c1d4
Marco Nelissen [Mon, 13 Mar 2017 22:43:54 +0000 (22:43 +0000)]
Merge "Fix integer overflow and divide-by-zero" into klp-dev am:
b264ece2c0 am:
bbca2719c6
am:
c2e69851ea
Change-Id: I2720c4439848f9aab8d7fa4f93b548793d129a4f
Marco Nelissen [Mon, 13 Mar 2017 22:43:40 +0000 (22:43 +0000)]
Merge "Fix NPDs in h263 decoder" into klp-dev am:
012e5fd39e am:
9e8dfb5938
am:
9e4a0e1fab
Change-Id: I17a5c0765c31c92a25e7c89a330aa656adc03baf
Ray Essick [Mon, 13 Mar 2017 22:43:39 +0000 (22:43 +0000)]
Merge "Add bounds check in SoftAACEncoder2::onQueueFilled()" into klp-dev
am:
19b91af752
Change-Id: I83ad1fa809b82d1b4a6158b66ebffc5ae1d35590
Ray Essick [Mon, 13 Mar 2017 22:43:27 +0000 (22:43 +0000)]
Merge "Fix TOCTOU problem in libstagefright_soft_aacenc" into klp-dev
am:
2076915c5f
Change-Id: Ib9bc5c92218231acefda2800df84a8bffe2da92f
Marco Nelissen [Mon, 13 Mar 2017 22:43:26 +0000 (22:43 +0000)]
Merge "Fix out of bounds access" into klp-dev am:
360cbbd72c am:
f71b76cae8
am:
36c2e14da3
Change-Id: Ie6d46a6979bc89e2485fa4d2a25b21fc601e9783
Marco Nelissen [Mon, 13 Mar 2017 22:39:25 +0000 (22:39 +0000)]
Merge "Fix integer overflow and divide-by-zero" into klp-dev am:
b264ece2c0
am:
bbca2719c6
Change-Id: If5ae485e1be0df3d4f61edf689d5b4c1520077b8
Marco Nelissen [Mon, 13 Mar 2017 22:39:10 +0000 (22:39 +0000)]
Merge "Fix NPDs in h263 decoder" into klp-dev am:
012e5fd39e
am:
9e8dfb5938
Change-Id: I875cb7bba1bc6f6f443923a04629ae44a9d41140
Marco Nelissen [Mon, 13 Mar 2017 22:38:56 +0000 (22:38 +0000)]
Merge "Fix out of bounds access" into klp-dev am:
360cbbd72c
am:
f71b76cae8
Change-Id: I3306be5d7bb3867287732757dd14170527488b68
Ray Essick [Mon, 13 Mar 2017 22:38:40 +0000 (22:38 +0000)]
Merge "Add bounds check in SoftAACEncoder2::onQueueFilled()" into klp-dev
Ray Essick [Mon, 13 Mar 2017 22:35:43 +0000 (22:35 +0000)]
Merge "Fix TOCTOU problem in libstagefright_soft_aacenc" into klp-dev
Marco Nelissen [Mon, 13 Mar 2017 22:34:54 +0000 (22:34 +0000)]
Merge "Fix integer overflow and divide-by-zero" into klp-dev
am:
b264ece2c0
Change-Id: Id65ef33cb965b6fbdec95d9429ee05b134fd14f3
Marco Nelissen [Mon, 13 Mar 2017 22:34:40 +0000 (22:34 +0000)]
Merge "Fix NPDs in h263 decoder" into klp-dev
am:
012e5fd39e
Change-Id: I2ad3e1364472558cf48c51fb3e2a08002d74c32d
Marco Nelissen [Mon, 13 Mar 2017 22:34:26 +0000 (22:34 +0000)]
Merge "Fix out of bounds access" into klp-dev
am:
360cbbd72c
Change-Id: I9ea32d31b1281689c4b5997a6c328630031c1795
Marco Nelissen [Mon, 13 Mar 2017 22:31:24 +0000 (22:31 +0000)]
Merge "Fix integer overflow and divide-by-zero" into klp-dev
Marco Nelissen [Mon, 13 Mar 2017 22:30:25 +0000 (22:30 +0000)]
Merge "Fix NPDs in h263 decoder" into klp-dev
Marco Nelissen [Mon, 13 Mar 2017 22:28:40 +0000 (22:28 +0000)]
Merge "Fix out of bounds access" into klp-dev
Ray Essick [Mon, 13 Mar 2017 18:59:57 +0000 (11:59 -0700)]
Add bounds check in SoftAACEncoder2::onQueueFilled()
Original code blindly copied some header information into the
user-supplied buffer without checking for sufficient space.
The code does check when it gets to filling the data -- it's
just the header copies that weren't checked.
Bug:
34617444
Test: ran POC before/after
Change-Id: I6e80ec90616f6cd02bb8316cd2d6e309b7e4729d
Marco Nelissen [Fri, 3 Mar 2017 21:37:27 +0000 (13:37 -0800)]
Fix NPDs in h263 decoder
Bug:
35269635
Test: decoded PoC with and without patch
Change-Id: I636a14360c7801cc5bca63c9cb44d1d235df8fd8
Ray Essick [Sat, 11 Mar 2017 00:03:40 +0000 (16:03 -0800)]
Fix TOCTOU problem in libstagefright_soft_aacenc
Fixes a configuration error where we sized a buffer initially based
on the configuration at the time and held onto the buffer through the
rest of our lifetime. If the configuration was changed in a way that
resulted in needing a different size buffer, the code did not make
this happen.
Patch keeps the buffer around but also stores the 'current allocation
size'. This allows the later code that preps the buffer to query if
the buffer size is same or changed. If changed, we discard the old
buffer and allocate a new one of the appropriate size.
safetynet logging added so we can tell how often this happens in the
field.
Testing was done on nyc-mr2 (where poc was built). Patch applies
without change to k/l/m/n/master.
Bug:
34621073
Test: run POC, saw new diagnostics saying it caught the size change.
Change-Id: Ia95aadc8c727434b7ba9628deeae327c405336d3
Marco Nelissen [Fri, 10 Mar 2017 19:28:44 +0000 (11:28 -0800)]
Fix out of bounds access
Bug:
34618607
Change-Id: I84f0ef948414d0b2d54e8948b6c30b8ae4da2b36
Andy Hung [Fri, 10 Mar 2017 22:42:59 +0000 (22:42 +0000)]
Merge "DO NOT MERGE AudioFlinger: Check framecount overflow when creating track" into klp-dev am:
e0da30dc57 am:
737754e97a am:
de6072164a -s ours
am:
9fe1d60957 -s ours
Change-Id: I06683878d8e39e9d9dcae9f897124c36f6b968bf
Andy Hung [Fri, 10 Mar 2017 22:39:58 +0000 (22:39 +0000)]
Merge "DO NOT MERGE AudioFlinger: Check framecount overflow when creating track" into klp-dev am:
e0da30dc57 am:
737754e97a
am:
de6072164a -s ours
Change-Id: I33a81bea7f8e210dbadade3f9bd63a3decbfb478
Andy Hung [Fri, 10 Mar 2017 22:36:28 +0000 (22:36 +0000)]
Merge "DO NOT MERGE AudioFlinger: Check framecount overflow when creating track" into klp-dev am:
e0da30dc57
am:
737754e97a
Change-Id: Ide9fb3f4955a31ade22f99c299f441d8413c1b88
Andy Hung [Fri, 10 Mar 2017 22:32:59 +0000 (22:32 +0000)]
Merge "DO NOT MERGE AudioFlinger: Check framecount overflow when creating track" into klp-dev
am:
e0da30dc57
Change-Id: Ia8aee821949f27b81e5c0ddca2e39aa9e478a432
Andy Hung [Fri, 10 Mar 2017 22:32:59 +0000 (22:32 +0000)]
Merge "AudioFlinger: Check framecount overflow when creating track" into lmp-dev
am:
51a3483ec9
Change-Id: I6fe5fb0a7142218b16c84bc1966a84ac920fd70a
Andy Hung [Fri, 10 Mar 2017 22:29:51 +0000 (22:29 +0000)]
Merge "DO NOT MERGE AudioFlinger: Check framecount overflow when creating track" into klp-dev
Andy Hung [Fri, 10 Mar 2017 22:29:43 +0000 (22:29 +0000)]
Merge "AudioFlinger: Check framecount overflow when creating track" into lmp-dev
Marco Nelissen [Thu, 9 Mar 2017 23:01:55 +0000 (15:01 -0800)]
Fix integer overflow and divide-by-zero
Bug:
35763994
Test: ran CTS with and without fix
Change-Id: If835e97ce578d4fa567e33e349e48fb7b2559e0e
Wonsik Kim [Thu, 16 Feb 2017 01:38:20 +0000 (01:38 +0000)]
DO NOT MERGE codecs: handle onReset() for a few encoders am:
dd447c354e am:
afaa438503 am:
daaabdcaac -s ours
am:
da9246fa5e -s ours
Change-Id: I72b4c927264c5c796b7d52dfe961a5ed15a03fdb
Wonsik Kim [Thu, 16 Feb 2017 01:34:50 +0000 (01:34 +0000)]
DO NOT MERGE codecs: handle onReset() for a few encoders am:
dd447c354e am:
afaa438503
am:
daaabdcaac -s ours
Change-Id: I20ff9fb7d3d5f3be5e9c21d0335ed15844a5dd15
Wonsik Kim [Thu, 16 Feb 2017 01:31:19 +0000 (01:31 +0000)]
DO NOT MERGE codecs: handle onReset() for a few encoders am:
dd447c354e
am:
afaa438503
Change-Id: Ife5d8803e38a6d62f820929c6eb83b93f8ec64c1
Wonsik Kim [Thu, 16 Feb 2017 01:28:51 +0000 (01:28 +0000)]
DO NOT MERGE codecs: handle onReset() for a few encoders
am:
dd447c354e
Change-Id: I0f2bde22c3e3b19d364ffce46f2e7c67f4016d75
Wonsik Kim [Thu, 16 Feb 2017 01:28:50 +0000 (01:28 +0000)]
codecs: handle onReset() for a few encoders
am:
5443b57cc5
Change-Id: Ifd851c8840abc615eecf0da1f6b32f30cfb4e0b2
Wonsik Kim [Fri, 10 Feb 2017 05:29:40 +0000 (14:29 +0900)]
codecs: handle onReset() for a few encoders
Test: Run PoC binaries
Bug:
34749392
Bug:
34705519
Change-Id: I3356eb615b0e79272d71d72578d363671038c6dd
Wonsik Kim [Fri, 10 Feb 2017 05:29:40 +0000 (14:29 +0900)]
DO NOT MERGE codecs: handle onReset() for a few encoders
Test: Run PoC binaries
Bug:
34749392
Bug:
34705519
Change-Id: I3356eb615b0e79272d71d72578d363671038c6dd
Andy Hung [Tue, 14 Feb 2017 02:48:39 +0000 (18:48 -0800)]
DO NOT MERGE AudioFlinger: Check framecount overflow when creating track
Test: Native POC
Bug:
34749571
Change-Id: I7529658e52ac7e64d162eb5338f10fb25eaa8fe7
Andy Hung [Tue, 14 Feb 2017 02:48:39 +0000 (18:48 -0800)]
AudioFlinger: Check framecount overflow when creating track
Test: Native POC
Bug:
34749571
Change-Id: I7529658e52ac7e64d162eb5338f10fb25eaa8fe7
(cherry picked from commit
1883f69de5f2c4e71df58d5b71d7c39f9779b50c)
Jean-Michel Trivi [Tue, 14 Feb 2017 20:51:25 +0000 (20:51 +0000)]
EffectBundle: check nb channels to write speaker angles
am:
e5a54485e0
Change-Id: I131f8d196034854f562a175874bce19b29904664
Jean-Michel Trivi [Tue, 14 Feb 2017 00:31:20 +0000 (16:31 -0800)]
EffectBundle: check nb channels to write speaker angles
When speaker angles are queried, the size of the array for the
returned data is 3x the number of channels (where really it
should be max(2, nbChannels)). The code assumed it was at
least 3x2 (where 2 is the number of virtual speakers this
effect supports) and would thus crash when called for a mono
channel mask.
Test: see repro steps in bug
Bug:
32591350
Change-Id: I33d4bff6b2e19a9fc4284a85a446804878d3a410
Marco Nelissen [Mon, 13 Feb 2017 21:49:17 +0000 (21:49 +0000)]
Merge "Fix overflow check and check read result" into klp-dev am:
b6aa3901ce am:
e541fa1764 am:
7f3980c0ca
am:
ea2023406b
Change-Id: I68fa183d94f46f7578f8b0718da9a3efd9b4946c
Marco Nelissen [Mon, 13 Feb 2017 21:49:03 +0000 (21:49 +0000)]
Merge "stagefright: parseApp check data boundary conditions" into klp-dev am:
65433ff04d am:
86bd734f58 am:
7902138f2e
am:
a23c9a47ab
Change-Id: I4cfef0f49e467337c36b9283d2959ddd68e41bd3
Marco Nelissen [Mon, 13 Feb 2017 21:46:48 +0000 (21:46 +0000)]
Merge "Fix overflow check and check read result" into klp-dev am:
b6aa3901ce am:
e541fa1764
am:
7f3980c0ca
Change-Id: Iaa2a11e1924fdcfe83ca8c8e9a7925850ceb53be
Marco Nelissen [Mon, 13 Feb 2017 21:46:33 +0000 (21:46 +0000)]
Merge "stagefright: parseApp check data boundary conditions" into klp-dev am:
65433ff04d am:
86bd734f58
am:
7902138f2e
Change-Id: I2d9be870193a986d9cd21d7527c4069cd1f184ed
Marco Nelissen [Mon, 13 Feb 2017 21:43:48 +0000 (21:43 +0000)]
Merge "Fix overflow check and check read result" into klp-dev am:
b6aa3901ce
am:
e541fa1764
Change-Id: Ia2962471693b1c4302d4535a0f95dd8d914c3cb8
Marco Nelissen [Mon, 13 Feb 2017 21:43:31 +0000 (21:43 +0000)]
Merge "stagefright: parseApp check data boundary conditions" into klp-dev am:
65433ff04d
am:
86bd734f58
Change-Id: I3729ea0064642ac10292561d450565ee735af369
Marco Nelissen [Mon, 13 Feb 2017 21:41:14 +0000 (21:41 +0000)]
Merge "Fix overflow check and check read result" into klp-dev
am:
b6aa3901ce
Change-Id: I80ef33d8f0593fa723077e91a5ca406f27b0b746
Marco Nelissen [Mon, 13 Feb 2017 21:40:59 +0000 (21:40 +0000)]
Merge "stagefright: parseApp check data boundary conditions" into klp-dev
am:
65433ff04d
Change-Id: I6be526b6ed9df22c9699445efaa4f0ed2ae266b4
Marco Nelissen [Mon, 13 Feb 2017 21:36:48 +0000 (21:36 +0000)]
Merge "Fix overflow check and check read result" into klp-dev
Marco Nelissen [Mon, 13 Feb 2017 21:35:18 +0000 (21:35 +0000)]
Merge "stagefright: parseApp check data boundary conditions" into klp-dev
Marco Nelissen [Mon, 6 Feb 2017 22:12:30 +0000 (14:12 -0800)]
Fix overflow check and check read result
Bug:
33861560
Test: build
Change-Id: Ia85519766e19a6e37237166f309750b3e8323c4e
Eino-Ville Talvala [Thu, 2 Feb 2017 23:54:35 +0000 (23:54 +0000)]
Merge "CameraBase: Don't return an sp<> by reference" into klp-dev am:
fdf64bab96 am:
4fca12e56f am:
f0009384d8
am:
7a14d95270
Change-Id: I42cf5ca9442728273ff2d90095b6d1520c75762a
Eino-Ville Talvala [Thu, 2 Feb 2017 23:54:31 +0000 (23:54 +0000)]
CameraBase: Don't return an sp<> by reference am:
4b49489c12 am:
8c32699ceb am:
8806c2a11d
am:
99c4dd2fe8
Change-Id: I7fd189d89b4a0ddb91a7f21485d97dabee9b784e
Eino-Ville Talvala [Thu, 2 Feb 2017 23:52:04 +0000 (23:52 +0000)]
Merge "CameraBase: Don't return an sp<> by reference" into klp-dev am:
fdf64bab96 am:
4fca12e56f
am:
f0009384d8
Change-Id: I8efab658bd67af7eb85ac8cd6dc7d6d9fa61ef21
Eino-Ville Talvala [Thu, 2 Feb 2017 23:52:01 +0000 (23:52 +0000)]
CameraBase: Don't return an sp<> by reference am:
4b49489c12 am:
8c32699ceb
am:
8806c2a11d
Change-Id: I61be9ab0dbd9acde84811cd437304267b9544099
Eino-Ville Talvala [Thu, 2 Feb 2017 23:49:04 +0000 (23:49 +0000)]
Merge "CameraBase: Don't return an sp<> by reference" into klp-dev am:
fdf64bab96
am:
4fca12e56f
Change-Id: I082c1ec76a3b05de211d169ee07a7a1f544081dc
Eino-Ville Talvala [Thu, 2 Feb 2017 23:49:01 +0000 (23:49 +0000)]
CameraBase: Don't return an sp<> by reference am:
4b49489c12
am:
8c32699ceb
Change-Id: I6fac31b3eaa435a665643343c2a6d8a6959be107
Eino-Ville Talvala [Thu, 2 Feb 2017 23:47:02 +0000 (23:47 +0000)]
Merge "CameraBase: Don't return an sp<> by reference" into klp-dev
am:
fdf64bab96
Change-Id: Ied7016c8cfaaa0d7ed714f753b8827cf0179cb1a
Eino-Ville Talvala [Thu, 2 Feb 2017 23:47:01 +0000 (23:47 +0000)]
CameraBase: Don't return an sp<> by reference
am:
4b49489c12
Change-Id: I4befb08a206d22e71a6ab2bfd44fb90ddbd62915
Eino-Ville Talvala [Thu, 2 Feb 2017 23:42:07 +0000 (23:42 +0000)]
Merge "CameraBase: Don't return an sp<> by reference" into klp-dev
Marco Nelissen [Thu, 2 Feb 2017 21:31:21 +0000 (21:31 +0000)]
Revert "Turn off overflow protection for various math functions" am:
2dd1d5e02e am:
aa5498018f am:
ce9cab33b7
am:
4c1ad41c8b
Change-Id: I7a754e278cdc719a0bf6543f8a2accbc43301f86
Marco Nelissen [Thu, 2 Feb 2017 21:28:50 +0000 (21:28 +0000)]
Revert "Turn off overflow protection for various math functions" am:
2dd1d5e02e am:
aa5498018f
am:
ce9cab33b7
Change-Id: Id9318840db48994196c72eb5f14e132e23776bda
Marco Nelissen [Thu, 2 Feb 2017 21:26:19 +0000 (21:26 +0000)]
Revert "Turn off overflow protection for various math functions" am:
2dd1d5e02e
am:
aa5498018f
Change-Id: Ica9690b213037f6bd4c13bf14a4d66b77b7def41
Marco Nelissen [Thu, 2 Feb 2017 21:24:19 +0000 (21:24 +0000)]
Revert "Turn off overflow protection for various math functions"
am:
2dd1d5e02e
Change-Id: I37734de98f269e6886be0578b4ff9db31229c8de
Marco Nelissen [Thu, 2 Feb 2017 20:53:17 +0000 (20:53 +0000)]
Revert "Turn off overflow protection for various math functions"
This reverts commit
cbf5e6915c42c691a6ccb9a5d249e450f9e67467.
Change-Id: I0a81c26d22fee36485b21c285dcc91fbd518e1dd
Eino-Ville Talvala [Wed, 1 Feb 2017 23:27:41 +0000 (15:27 -0800)]
CameraBase: Don't return an sp<> by reference
If the server dies, the binder death callback clears out
the global camera service sp<>, and any current references to it
will become quite unhappy.
Test: Camera CTS passes
Bug:
31992879
Change-Id: I2966bed35d0319e3f26e3d4b1b8dc08006a22348
Marco Nelissen [Thu, 2 Feb 2017 19:39:34 +0000 (19:39 +0000)]
Turn off overflow protection for various math functions am:
cbf5e6915c am:
72b1fdbf49 am:
a25eb35608
am:
3d58f94eec
Change-Id: I6be57dc624b46c1517fab973f34dd98b7d808a28
Marco Nelissen [Thu, 2 Feb 2017 19:36:52 +0000 (19:36 +0000)]
Turn off overflow protection for various math functions am:
cbf5e6915c am:
72b1fdbf49
am:
a25eb35608
Change-Id: Ia0f2f794297ab8b4c5070e5948c748d0265aa54b
Marco Nelissen [Thu, 2 Feb 2017 19:34:21 +0000 (19:34 +0000)]
Turn off overflow protection for various math functions am:
cbf5e6915c
am:
72b1fdbf49
Change-Id: I46daf840866183690f27ff7b3e6ed7ffe8bec9f5
Marco Nelissen [Thu, 2 Feb 2017 19:31:52 +0000 (19:31 +0000)]
Turn off overflow protection for various math functions
am:
cbf5e6915c
Change-Id: Iee62ce7ef71208e30d9ee7b98342163bfc997779
Marco Nelissen [Wed, 1 Feb 2017 23:35:35 +0000 (15:35 -0800)]
Turn off overflow protection for various math functions
These functions also exist as arm assembly files, where the overflows
just wrap around, and this makes their plain C equivalents behave
the same.
Bug:
32577290
Bug:
33071964
Test: ran PoC for bug
32577290 using plain C source code
Change-Id: I73c2609589e7a89d36f6c44391548312259daf14
Robert Shih [Mon, 30 Jan 2017 19:46:10 +0000 (19:46 +0000)]
avc_utils: skip empty NALs from malformed bistreams
am:
91fe76a157
Change-Id: I4fc3e40dbfe2839611265ba178a9f35e05bcc28a
Robert Shih [Wed, 25 Jan 2017 02:08:59 +0000 (18:08 -0800)]
avc_utils: skip empty NALs from malformed bistreams
Avoid a CHECK and make it the decoder's repsonsibility to handle a
malformed bistream gracefully.
Bug:
34509901
Bug:
33137046
Test: StagefrightTest#testStagefright_bug_27855419_CVE_2016_2463
Change-Id: I2d94f8da63d65a86a9c711c45546e4c695e0f3b4
Mark Salyzyn [Mon, 23 Jun 2014 21:13:22 +0000 (14:13 -0700)]
stagefright: parseApp check data boundary conditions
Test: compile, no poc for boundary violation.
Bug:
34056274
Change-Id: I23f5ccba8f211e01d9a3a741c8ea537b55aab4e2
Eric Laurent [Thu, 1 Dec 2016 23:28:29 +0000 (15:28 -0800)]
DO NOT MERGE - improve audio effect framwework thread safety
- Reorganize handle effect creation code to make sure the effect engine
is created with both thread and effect chain mutex held.
- Reorganize handle disconnect code to make sure the effect engine
is released with both thread and effect chain mutex held.
- Protect IEffect interface methods in EffectHande with a Mutex.
- Only pin effect if the session was acquired first.
- Do not use strong pointer to EffectModule in EffectHandles:
only the EffectChain has a single strong reference to the EffectModule.
- Check reply size before writing status in EffectHandle::command()
Bug:
32707507
Bug:
32095713
Change-Id: Ia1098cba2cd32cc2d1c9dfdff4adc2388dfed80e
(cherry picked from commit
84c392104e905bfacc753ec0ddb96ce7813d1889)
Marco Nelissen [Tue, 17 Jan 2017 19:10:23 +0000 (19:10 +0000)]
Don't CHECK when buffer is too large am:
c2f0c73bfc am:
acb7186e6e am:
0a4db601b4
am:
8474c51aaf
Change-Id: I8a151eff3d02600134c929754c1420353f6a6ab1
Marco Nelissen [Tue, 17 Jan 2017 19:06:56 +0000 (19:06 +0000)]
Don't CHECK when buffer is too large am:
c2f0c73bfc am:
acb7186e6e
am:
0a4db601b4
Change-Id: I46806d03da614119b805087d995f8f40c70ee3b2
Marco Nelissen [Tue, 17 Jan 2017 18:46:50 +0000 (18:46 +0000)]
Don't CHECK when buffer is too large am:
c2f0c73bfc
am:
acb7186e6e
Change-Id: I9af93746702bb746a48420dbb03fc29878ef730f
Marco Nelissen [Tue, 17 Jan 2017 18:27:32 +0000 (18:27 +0000)]
Don't CHECK when buffer is too large
am:
c2f0c73bfc
Change-Id: Ibcc5b7a28092fdcba5082b956e3bbdb0fc2d3f4a
Marco Nelissen [Sat, 14 Jan 2017 02:31:51 +0000 (02:31 +0000)]
Don't initialize sync sample parameters until the end
am:
a9660fe122
Change-Id: Ia072f16604c3e766d4d2cdc49b88efcf182ca5f7