git.osdn.net Git - android-x86/frameworks-av.git/log

(root) / android-x86 / frameworks-av.git / log

Marco Nelissen [Mon, 13 Mar 2017 22:39:25 +0000 (22:39 +0000)]

Merge "Fix integer overflow and divide-by-zero" into klp-dev am: b264ece2c0
am: bbca2719c6

Change-Id: If5ae485e1be0df3d4f61edf689d5b4c1520077b8

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Mar 2017 22:39:10 +0000 (22:39 +0000)]

Merge "Fix NPDs in h263 decoder" into klp-dev am: 012e5fd39e
am: 9e8dfb5938

Change-Id: I875cb7bba1bc6f6f443923a04629ae44a9d41140

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Mar 2017 22:38:56 +0000 (22:38 +0000)]

Merge "Fix out of bounds access" into klp-dev am: 360cbbd72c
am: f71b76cae8

Change-Id: I3306be5d7bb3867287732757dd14170527488b68

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Mar 2017 22:34:54 +0000 (22:34 +0000)]

Merge "Fix integer overflow and divide-by-zero" into klp-dev
am: b264ece2c0

Change-Id: Id65ef33cb965b6fbdec95d9429ee05b134fd14f3

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Mar 2017 22:34:40 +0000 (22:34 +0000)]

Merge "Fix NPDs in h263 decoder" into klp-dev
am: 012e5fd39e

Change-Id: I2ad3e1364472558cf48c51fb3e2a08002d74c32d

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Mar 2017 22:34:26 +0000 (22:34 +0000)]

Merge "Fix out of bounds access" into klp-dev
am: 360cbbd72c

Change-Id: I9ea32d31b1281689c4b5997a6c328630031c1795

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Mar 2017 22:31:24 +0000 (22:31 +0000)]

Merge "Fix integer overflow and divide-by-zero" into klp-dev

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Mar 2017 22:30:25 +0000 (22:30 +0000)]

Merge "Fix NPDs in h263 decoder" into klp-dev

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Mar 2017 22:28:40 +0000 (22:28 +0000)]

Merge "Fix out of bounds access" into klp-dev

commit | commitdiff | tree

Marco Nelissen [Fri, 3 Mar 2017 21:37:27 +0000 (13:37 -0800)]

Fix NPDs in h263 decoder

Bug: 35269635
Test: decoded PoC with and without patch
Change-Id: I636a14360c7801cc5bca63c9cb44d1d235df8fd8

commit | commitdiff | tree

Marco Nelissen [Fri, 10 Mar 2017 19:28:44 +0000 (11:28 -0800)]

Fix out of bounds access

Bug: 34618607
Change-Id: I84f0ef948414d0b2d54e8948b6c30b8ae4da2b36

commit | commitdiff | tree

Andy Hung [Fri, 10 Mar 2017 22:36:28 +0000 (22:36 +0000)]

Merge "DO NOT MERGE AudioFlinger: Check framecount overflow when creating track" into klp-dev am: e0da30dc57
am: 737754e97a

Change-Id: Ide9fb3f4955a31ade22f99c299f441d8413c1b88

commit | commitdiff | tree

Andy Hung [Fri, 10 Mar 2017 22:32:59 +0000 (22:32 +0000)]

Merge "DO NOT MERGE AudioFlinger: Check framecount overflow when creating track" into klp-dev
am: e0da30dc57

Change-Id: Ia8aee821949f27b81e5c0ddca2e39aa9e478a432

commit | commitdiff | tree

Andy Hung [Fri, 10 Mar 2017 22:29:51 +0000 (22:29 +0000)]

Merge "DO NOT MERGE AudioFlinger: Check framecount overflow when creating track" into klp-dev

commit | commitdiff | tree

Marco Nelissen [Thu, 9 Mar 2017 23:01:55 +0000 (15:01 -0800)]

Fix integer overflow and divide-by-zero

Bug: 35763994
Test: ran CTS with and without fix
Change-Id: If835e97ce578d4fa567e33e349e48fb7b2559e0e

commit | commitdiff | tree

Wonsik Kim [Thu, 16 Feb 2017 01:31:19 +0000 (01:31 +0000)]

DO NOT MERGE codecs: handle onReset() for a few encoders am: dd447c354e
am: afaa438503

Change-Id: Ife5d8803e38a6d62f820929c6eb83b93f8ec64c1

commit | commitdiff | tree

Wonsik Kim [Thu, 16 Feb 2017 01:28:51 +0000 (01:28 +0000)]

DO NOT MERGE codecs: handle onReset() for a few encoders
am: dd447c354e

Change-Id: I0f2bde22c3e3b19d364ffce46f2e7c67f4016d75

commit | commitdiff | tree

Wonsik Kim [Fri, 10 Feb 2017 05:29:40 +0000 (14:29 +0900)]

DO NOT MERGE codecs: handle onReset() for a few encoders

Test: Run PoC binaries
Bug: 34749392
Bug: 34705519
Change-Id: I3356eb615b0e79272d71d72578d363671038c6dd

commit | commitdiff | tree

Andy Hung [Tue, 14 Feb 2017 02:48:39 +0000 (18:48 -0800)]

DO NOT MERGE AudioFlinger: Check framecount overflow when creating track

Test: Native POC
Bug: 34749571
Change-Id: I7529658e52ac7e64d162eb5338f10fb25eaa8fe7

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Feb 2017 21:43:48 +0000 (21:43 +0000)]

Merge "Fix overflow check and check read result" into klp-dev am: b6aa3901ce
am: e541fa1764

Change-Id: Ia2962471693b1c4302d4535a0f95dd8d914c3cb8

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Feb 2017 21:43:31 +0000 (21:43 +0000)]

Merge "stagefright: parseApp check data boundary conditions" into klp-dev am: 65433ff04d
am: 86bd734f58

Change-Id: I3729ea0064642ac10292561d450565ee735af369

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Feb 2017 21:41:14 +0000 (21:41 +0000)]

Merge "Fix overflow check and check read result" into klp-dev
am: b6aa3901ce

Change-Id: I80ef33d8f0593fa723077e91a5ca406f27b0b746

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Feb 2017 21:40:59 +0000 (21:40 +0000)]

Merge "stagefright: parseApp check data boundary conditions" into klp-dev
am: 65433ff04d

Change-Id: I6be526b6ed9df22c9699445efaa4f0ed2ae266b4

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Feb 2017 21:36:48 +0000 (21:36 +0000)]

Merge "Fix overflow check and check read result" into klp-dev

commit | commitdiff | tree

Marco Nelissen [Mon, 13 Feb 2017 21:35:18 +0000 (21:35 +0000)]

Merge "stagefright: parseApp check data boundary conditions" into klp-dev

commit | commitdiff | tree

Marco Nelissen [Mon, 6 Feb 2017 22:12:30 +0000 (14:12 -0800)]

Fix overflow check and check read result

Bug: 33861560
Test: build
Change-Id: Ia85519766e19a6e37237166f309750b3e8323c4e

commit | commitdiff | tree

Eino-Ville Talvala [Thu, 2 Feb 2017 23:49:04 +0000 (23:49 +0000)]

Merge "CameraBase: Don't return an sp<> by reference" into klp-dev am: fdf64bab96
am: 4fca12e56f

Change-Id: I082c1ec76a3b05de211d169ee07a7a1f544081dc

commit | commitdiff | tree

Eino-Ville Talvala [Thu, 2 Feb 2017 23:49:01 +0000 (23:49 +0000)]

CameraBase: Don't return an sp<> by reference am: 4b49489c12
am: 8c32699ceb

Change-Id: I6fac31b3eaa435a665643343c2a6d8a6959be107

commit | commitdiff | tree

Eino-Ville Talvala [Thu, 2 Feb 2017 23:47:02 +0000 (23:47 +0000)]

Merge "CameraBase: Don't return an sp<> by reference" into klp-dev
am: fdf64bab96

Change-Id: Ied7016c8cfaaa0d7ed714f753b8827cf0179cb1a

commit | commitdiff | tree

Eino-Ville Talvala [Thu, 2 Feb 2017 23:47:01 +0000 (23:47 +0000)]

CameraBase: Don't return an sp<> by reference
am: 4b49489c12

Change-Id: I4befb08a206d22e71a6ab2bfd44fb90ddbd62915

commit | commitdiff | tree

Eino-Ville Talvala [Thu, 2 Feb 2017 23:42:07 +0000 (23:42 +0000)]

Merge "CameraBase: Don't return an sp<> by reference" into klp-dev

commit | commitdiff | tree

Marco Nelissen [Thu, 2 Feb 2017 21:26:19 +0000 (21:26 +0000)]

Revert "Turn off overflow protection for various math functions" am: 2dd1d5e02e
am: aa5498018f

Change-Id: Ica9690b213037f6bd4c13bf14a4d66b77b7def41

commit | commitdiff | tree

Marco Nelissen [Thu, 2 Feb 2017 21:24:19 +0000 (21:24 +0000)]

Revert "Turn off overflow protection for various math functions"
am: 2dd1d5e02e

Change-Id: I37734de98f269e6886be0578b4ff9db31229c8de

commit | commitdiff | tree

Marco Nelissen [Thu, 2 Feb 2017 20:53:17 +0000 (20:53 +0000)]

Revert "Turn off overflow protection for various math functions"

This reverts commit cbf5e6915c42c691a6ccb9a5d249e450f9e67467.

Change-Id: I0a81c26d22fee36485b21c285dcc91fbd518e1dd

commit | commitdiff | tree

Eino-Ville Talvala [Wed, 1 Feb 2017 23:27:41 +0000 (15:27 -0800)]

CameraBase: Don't return an sp<> by reference

If the server dies, the binder death callback clears out
the global camera service sp<>, and any current references to it
will become quite unhappy.

Test: Camera CTS passes
Bug: 31992879
Change-Id: I2966bed35d0319e3f26e3d4b1b8dc08006a22348

commit | commitdiff | tree

Marco Nelissen [Thu, 2 Feb 2017 19:34:21 +0000 (19:34 +0000)]

Turn off overflow protection for various math functions am: cbf5e6915c
am: 72b1fdbf49

Change-Id: I46daf840866183690f27ff7b3e6ed7ffe8bec9f5

commit | commitdiff | tree

Marco Nelissen [Thu, 2 Feb 2017 19:31:52 +0000 (19:31 +0000)]

Turn off overflow protection for various math functions
am: cbf5e6915c

Change-Id: Iee62ce7ef71208e30d9ee7b98342163bfc997779

commit | commitdiff | tree

Marco Nelissen [Wed, 1 Feb 2017 23:35:35 +0000 (15:35 -0800)]

Turn off overflow protection for various math functions

These functions also exist as arm assembly files, where the overflows
just wrap around, and this makes their plain C equivalents behave
the same.

Bug: 32577290
Bug: 33071964
Test: ran PoC for bug 32577290 using plain C source code
Change-Id: I73c2609589e7a89d36f6c44391548312259daf14

commit | commitdiff | tree

Mark Salyzyn [Mon, 23 Jun 2014 21:13:22 +0000 (14:13 -0700)]

stagefright: parseApp check data boundary conditions

Test: compile, no poc for boundary violation.
Bug: 34056274
Change-Id: I23f5ccba8f211e01d9a3a741c8ea537b55aab4e2

commit | commitdiff | tree

Marco Nelissen [Tue, 17 Jan 2017 18:46:50 +0000 (18:46 +0000)]

Don't CHECK when buffer is too large am: c2f0c73bfc
am: acb7186e6e

Change-Id: I9af93746702bb746a48420dbb03fc29878ef730f

commit | commitdiff | tree

Marco Nelissen [Tue, 17 Jan 2017 18:27:32 +0000 (18:27 +0000)]

Don't CHECK when buffer is too large
am: c2f0c73bfc

Change-Id: Ibcc5b7a28092fdcba5082b956e3bbdb0fc2d3f4a

commit | commitdiff | tree

Marco Nelissen [Fri, 6 Jan 2017 21:57:51 +0000 (13:57 -0800)]

Don't CHECK when buffer is too large

Bug: 31647370
Test: ran CTS test with and without patch
Change-Id: I4e3a37aabc9387432671c1c0c469241142612cc4

commit | commitdiff | tree

Eric Laurent [Wed, 4 Jan 2017 22:17:58 +0000 (22:17 +0000)]

DO NOT MERGE - improve audio effect framwework thread safety am: b47a5ab107
am: 26cf2f4d73

Change-Id: I6513190cce6756c47e5ede0dc578fa0d2c5889b3

commit | commitdiff | tree

Eric Laurent [Wed, 4 Jan 2017 22:15:29 +0000 (22:15 +0000)]

DO NOT MERGE - improve audio effect framwework thread safety
am: b47a5ab107

Change-Id: I46af7560653784852e771a2eefd581989aac0644

commit | commitdiff | tree

Eric Laurent [Thu, 1 Dec 2016 23:28:29 +0000 (15:28 -0800)]

DO NOT MERGE - improve audio effect framwework thread safety

- Reorganize handle effect creation code to make sure the effect engine
is created with both thread and effect chain mutex held.
- Reorganize handle disconnect code to make sure the effect engine
is released with both thread and effect chain mutex held.
- Protect IEffect interface methods in EffectHande with a Mutex.
- Only pin effect if the session was acquired first.
- Do not use strong pointer to EffectModule in EffectHandles:
only the EffectChain has a single strong reference to the EffectModule.
- Check reply size before writing status in EffectHandle::command()

Bug: 32707507
Bug: 32095713

Change-Id: Ia1098cba2cd32cc2d1c9dfdff4adc2388dfed80e

commit | commitdiff | tree

Andy Hung [Sat, 3 Dec 2016 00:38:50 +0000 (00:38 +0000)]

Merge "Effect: Use local cached data for Effect commit" into klp-dev am: 1576f5968c
am: 308e51173e

Change-Id: I7d741aa81543b95a6c3aeada9a259ba5a4c9b5bb

commit | commitdiff | tree

Andy Hung [Sat, 3 Dec 2016 00:38:33 +0000 (00:38 +0000)]

Effect: Use local cached data for Effect commit am: dd79ccda92
am: 82c8c7656f

Change-Id: I8819bc1146b0b751abc0790edd4b7d73f2198038

commit | commitdiff | tree

Andy Hung [Sat, 3 Dec 2016 00:36:02 +0000 (00:36 +0000)]

Merge "Effect: Use local cached data for Effect commit" into klp-dev
am: 1576f5968c

Change-Id: I3310e7efeb0bcd1826d112e94e13f46ce5234755

commit | commitdiff | tree

Andy Hung [Sat, 3 Dec 2016 00:36:01 +0000 (00:36 +0000)]

Effect: Use local cached data for Effect commit
am: dd79ccda92

Change-Id: Ide8165907e03b9d400eaa33a222ceeae782d6509

commit | commitdiff | tree

Andy Hung [Sat, 3 Dec 2016 00:32:27 +0000 (00:32 +0000)]

Merge "Effect: Use local cached data for Effect commit" into klp-dev

commit | commitdiff | tree

rago [Wed, 30 Nov 2016 19:17:48 +0000 (19:17 +0000)]

Fix security vulnerability: potential OOB write in audioserver am: e275907e57
am: 01e854056a

Change-Id: I7ea6a871eed4b9e1c56c5350c4e5fb5eb628e816

commit | commitdiff | tree

rago [Wed, 30 Nov 2016 19:12:17 +0000 (19:12 +0000)]

Fix security vulnerability: potential OOB write in audioserver
am: e275907e57

Change-Id: I38086dbaeeef1c068887cc20aca9d557bb159372

commit | commitdiff | tree

rago [Wed, 23 Nov 2016 02:02:48 +0000 (18:02 -0800)]

Fix security vulnerability: potential OOB write in audioserver

Bug: 32705438
Bug: 32703959
Test: cts security test
Change-Id: I8900c92fa55b56c4c2c9d721efdbabe6bfc8a4a4

commit | commitdiff | tree

Andy Hung [Wed, 16 Nov 2016 01:19:58 +0000 (17:19 -0800)]

Effect: Use local cached data for Effect commit

Test: POC, Cts Effect, BassBoost, EnvReverb, Equalizer,
Test: LoudnessEnhancer, PresetReverb, Virtualizer, Visualizer
Bug: 32220769
Change-Id: Iea96ba0daf71691ee8954cca4ba1c10fe827626e

commit | commitdiff | tree

Ricardo Garcia [Tue, 15 Nov 2016 23:35:55 +0000 (23:35 +0000)]

Merge "Fix security vulnerability: Effect command might allow negative indexes" into klp-dev am: 501aee7a54
am: dd269152c4

Change-Id: I336c76f311fc09cd81ccd22a35dada99d0b76be7

commit | commitdiff | tree

rago [Tue, 15 Nov 2016 23:35:37 +0000 (23:35 +0000)]

Fix security vulnerability: Effect command might allow negative indexes am: 01183402d7
am: 94e3424b74

Change-Id: Id0353ac5716377b45e3a967110d43d9baf744be8

commit | commitdiff | tree

Ricardo Garcia [Tue, 15 Nov 2016 23:28:07 +0000 (23:28 +0000)]

Merge "Fix security vulnerability: Effect command might allow negative indexes" into klp-dev
am: 501aee7a54

Change-Id: I7386c90f91d41d2b6df3efc28cfa6e4b4f79608a

commit | commitdiff | tree

rago [Tue, 15 Nov 2016 23:28:06 +0000 (23:28 +0000)]

Fix security vulnerability: Effect command might allow negative indexes
am: 01183402d7

Change-Id: I13603ac1cdb57b844ca7d03f119adda832825f34

commit | commitdiff | tree

Ricardo Garcia [Tue, 15 Nov 2016 23:19:20 +0000 (23:19 +0000)]

Merge "Fix security vulnerability: Effect command might allow negative indexes" into klp-dev

commit | commitdiff | tree

rago [Mon, 14 Nov 2016 22:58:34 +0000 (14:58 -0800)]

Fix security vulnerability: Effect command might allow negative indexes

Bug: 32448258
Bug: 32095626

Test: Use POC bug or cts security test
Change-Id: I69f24eac5866f8d9090fc4c0ebe58c2c297b63df

commit | commitdiff | tree

Marco Nelissen [Mon, 14 Nov 2016 20:21:03 +0000 (20:21 +0000)]

Make VBRISeeker more robust am: 7fdd36418e
am: ae0cffaced

Change-Id: I3e6fdf30fc372fb32cfbd24a37814d0946eaca2f

commit | commitdiff | tree

Marco Nelissen [Mon, 14 Nov 2016 20:13:03 +0000 (20:13 +0000)]

Make VBRISeeker more robust
am: 7fdd36418e

Change-Id: I0138de501cd433986e77927e27a527606b61ea25

commit | commitdiff | tree

Marco Nelissen [Fri, 11 Nov 2016 17:20:00 +0000 (09:20 -0800)]

Make VBRISeeker more robust

Bug: 32577290
Change-Id: I9bcc9422ae7dd3ae4a38df330c9dcd7ac4941ec8

commit | commitdiff | tree

Andy Hung [Thu, 10 Nov 2016 19:26:36 +0000 (19:26 +0000)]

Merge "Effects: Check get parameter command size" into klp-dev am: c5768d0921
am: cfe5d97cf3

Change-Id: I748c867f0259d70eddec229457ca68ac7581dc09

commit | commitdiff | tree

Andy Hung [Thu, 10 Nov 2016 19:26:21 +0000 (19:26 +0000)]

Effects: Check get parameter command size am: 3d34cc76e3
am: 59920bf785

Change-Id: I2d90659faa7d0085b33d0f527a97fa6dc82a70d7

commit | commitdiff | tree

Andy Hung [Thu, 10 Nov 2016 19:26:06 +0000 (19:26 +0000)]

Merge "DO NOT MERGE: Visualizer: Check capture size and latency parameters" into klp-dev am: f89590d009
am: 50f9a9faea

Change-Id: I2768ab9532953fde21bd10fcca5a509602e80553

commit | commitdiff | tree

Andy Hung [Thu, 10 Nov 2016 19:25:50 +0000 (19:25 +0000)]

DO NOT MERGE: Visualizer: Check capture size and latency parameters am: 86cbc180f4
am: ce8b7cd373

Change-Id: I2afd4ba46fd6d62c3e89e49ec826ef7d683b324a

commit | commitdiff | tree

Andy Hung [Thu, 10 Nov 2016 19:20:32 +0000 (19:20 +0000)]

Merge "Effects: Check get parameter command size" into klp-dev
am: c5768d0921

Change-Id: Ibd53fe698f492b7b4bb02181c8dda355a7485990

commit | commitdiff | tree

Andy Hung [Thu, 10 Nov 2016 19:20:29 +0000 (19:20 +0000)]

Effects: Check get parameter command size
am: 3d34cc76e3

Change-Id: Iacc05ef6b8fd1e906daaa3fd0b39c39049b47a0c

commit | commitdiff | tree

Andy Hung [Thu, 10 Nov 2016 19:19:52 +0000 (19:19 +0000)]

Merge "DO NOT MERGE: Visualizer: Check capture size and latency parameters" into klp-dev
am: f89590d009

Change-Id: I8a9006c295b1a4b5759be649432a93851d66efc6

commit | commitdiff | tree

Andy Hung [Thu, 10 Nov 2016 19:19:51 +0000 (19:19 +0000)]

DO NOT MERGE: Visualizer: Check capture size and latency parameters
am: 86cbc180f4

Change-Id: Ieefd729dc4b90ecaba5bd7684b940ec70f9203b5

commit | commitdiff | tree

Andy Hung [Thu, 10 Nov 2016 19:16:40 +0000 (19:16 +0000)]

Merge "Effects: Check get parameter command size" into klp-dev

commit | commitdiff | tree

Andy Hung [Thu, 10 Nov 2016 19:13:24 +0000 (19:13 +0000)]

Merge "DO NOT MERGE: Visualizer: Check capture size and latency parameters" into klp-dev

commit | commitdiff | tree

Ricardo Garcia [Wed, 9 Nov 2016 19:31:02 +0000 (19:31 +0000)]

Merge "Fix security vulnerability: Equalizer command might allow negative indexes" into klp-dev am: fc6faebb08
am: ef01da120b

Change-Id: I6cf6ce34535fd3120b9865c27dce39b043e595fc

commit | commitdiff | tree

rago [Wed, 9 Nov 2016 19:30:47 +0000 (19:30 +0000)]

Fix security vulnerability: Equalizer command might allow negative indexes am: e981cca9ff
am: 8fb8275471

Change-Id: Iba4ca7302804912646e8c510d2e436ebbf8373aa

commit | commitdiff | tree

Ricardo Garcia [Wed, 9 Nov 2016 19:25:17 +0000 (19:25 +0000)]

Merge "Fix security vulnerability: Equalizer command might allow negative indexes" into klp-dev
am: fc6faebb08

Change-Id: I8f81e75106cecd69eb8942dea1c375ce7aa729fd

commit | commitdiff | tree

rago [Wed, 9 Nov 2016 19:25:16 +0000 (19:25 +0000)]

Fix security vulnerability: Equalizer command might allow negative indexes
am: e981cca9ff

Change-Id: I8355da91fab0d63fab72e05ba907708a3f3fe9c8

commit | commitdiff | tree

Ricardo Garcia [Wed, 9 Nov 2016 19:14:34 +0000 (19:14 +0000)]

Merge "Fix security vulnerability: Equalizer command might allow negative indexes" into klp-dev

commit | commitdiff | tree

Ray Essick [Wed, 9 Nov 2016 18:27:11 +0000 (18:27 +0000)]

DO NOT MERGE: defensive parsing of mp3 album art information am: 2ff80538b7
am: c3819cfda9

Change-Id: I2a98a164f3c1d728e0f5bec906116cd1bffac19a

commit | commitdiff | tree

Ray Essick [Wed, 9 Nov 2016 18:21:12 +0000 (18:21 +0000)]

DO NOT MERGE: defensive parsing of mp3 album art information
am: 2ff80538b7

Change-Id: I864307c871b8ab48fd0fe2ddaba2e6ead0f0233a

commit | commitdiff | tree

Andy Hung [Sat, 5 Nov 2016 02:40:53 +0000 (19:40 -0700)]

Effects: Check get parameter command size

Test: Custom test.
Bug: 32438594
Bug: 32624850
Bug: 32635664
Change-Id: I9b1315e2c02f11bea395bfdcf5c1ccddccbad8a6

commit | commitdiff | tree

Ray Essick [Wed, 2 Nov 2016 21:15:43 +0000 (14:15 -0700)]

DO NOT MERGE: defensive parsing of mp3 album art information

several points in stagefrights mp3 album art code
used strlen() to parse user-supplied strings that may be
unterminated, resulting in reading beyond the end of a buffer.

This changes the code to use strnlen() for 8-bit encodings and
strengthens the parsing of 16-bit encodings similarly. It also
reworks how we watch for the end-of-buffer to avoid all over-reads.

Bug: 32377688
Test: crafted mp3's w/ good/bad cover art. See what showed in play music
Change-Id: Idbaf221fa2283b33e83f399562a3323dd095cc2c

commit | commitdiff | tree

rago [Mon, 31 Oct 2016 19:50:20 +0000 (12:50 -0700)]

Fix security vulnerability: Equalizer command might allow negative indexes

Bug: 32247948
Bug: 32438598
Bug: 32436341

Test: use POC on bug or cts security test

Change-Id: I91bd6aadb6c7410163e03101f365db767f4cd2a3
(cherry picked from commit 0872b65cff9129633471945431b9a5a28418049c)

commit | commitdiff | tree

Andy Hung [Wed, 19 Oct 2016 00:13:09 +0000 (17:13 -0700)]

DO NOT MERGE: Visualizer: Check capture size and latency parameters

Bug: 31781965
Change-Id: I1c439a0d0f6aa0057b3c651499f28426e1e1f5e4

commit | commitdiff | tree

Marco Nelissen [Thu, 13 Oct 2016 23:28:29 +0000 (23:28 +0000)]

Merge "DO NOT MERGE Fix divide by zero" into klp-dev am: 2c28e5b126
am: a5477b11be

Change-Id: I23bc38094b99e0563a4aeeb7df08631212d0b73a

commit | commitdiff | tree

Marco Nelissen [Thu, 13 Oct 2016 23:28:17 +0000 (23:28 +0000)]

DO NOT MERGE Fix divide by zero am: febbd52cd9
am: 55ce7e5d1e

Change-Id: I792667b35aacfa1b910a332d855f002615041408

commit | commitdiff | tree

Marco Nelissen [Thu, 13 Oct 2016 23:25:47 +0000 (23:25 +0000)]

Merge "DO NOT MERGE Fix divide by zero" into klp-dev
am: 2c28e5b126

Change-Id: Ic69824aeaf760eb6b5e79fef78be41c2cb4d749e

commit | commitdiff | tree

Marco Nelissen [Thu, 13 Oct 2016 23:25:47 +0000 (23:25 +0000)]

DO NOT MERGE Fix divide by zero
am: febbd52cd9

Change-Id: I229ab9fee73b63493c4e61493de6183857ef886a

commit | commitdiff | tree

Marco Nelissen [Thu, 13 Oct 2016 23:19:54 +0000 (23:19 +0000)]

Merge "DO NOT MERGE Fix divide by zero" into klp-dev

commit | commitdiff | tree

Ricardo Garcia [Thu, 13 Oct 2016 01:26:59 +0000 (01:26 +0000)]

Merge "Fix potential NULL dereference in Visualizer effect" into klp-dev am: eee86b009e
am: 6732f45ee9

Change-Id: Ic59a0ab61486e1a420988653e4276b3f5e660729

commit | commitdiff | tree

rago [Thu, 13 Oct 2016 01:26:47 +0000 (01:26 +0000)]

Fix potential NULL dereference in Visualizer effect am: 874f9e0b8e
am: f060479b9a

Change-Id: I69eb3819f246e6d807af099f9a0260146cd06fd2

commit | commitdiff | tree

Ricardo Garcia [Thu, 13 Oct 2016 01:19:49 +0000 (01:19 +0000)]

Merge "Fix potential NULL dereference in Visualizer effect" into klp-dev
am: eee86b009e

Change-Id: Id6c3168ccbf272646f123090ab4fadab34b0f728

commit | commitdiff | tree

rago [Thu, 13 Oct 2016 01:19:48 +0000 (01:19 +0000)]

Fix potential NULL dereference in Visualizer effect
am: 874f9e0b8e

Change-Id: I382b8cc3799b52e085aac0ccec7dcb668a4933ec

commit | commitdiff | tree

Ricardo Garcia [Thu, 13 Oct 2016 01:13:46 +0000 (01:13 +0000)]

Merge "Fix potential NULL dereference in Visualizer effect" into klp-dev

commit | commitdiff | tree

Pawin Vongmasa [Thu, 13 Oct 2016 01:06:30 +0000 (01:06 +0000)]

Merge "DO NOT MERGE - MPEG4Extractor: Check mLastTrack before dereferencing." into klp-dev am: 8caef85235
am: b512f4ab42

Change-Id: Ic852128c935782783fc03175be9968da6e894e90

commit | commitdiff | tree

Pawin Vongmasa [Thu, 13 Oct 2016 01:06:16 +0000 (01:06 +0000)]

DO NOT MERGE - MPEG4Extractor: Check mLastTrack before dereferencing. am: de84a76b86
am: 2c76c56d56

Change-Id: I24c8963da1f34e724213bbb896722a06d1eca378

commit | commitdiff | tree

Pawin Vongmasa [Thu, 13 Oct 2016 00:59:47 +0000 (00:59 +0000)]

Merge "DO NOT MERGE - MPEG4Extractor: Check mLastTrack before dereferencing." into klp-dev
am: 8caef85235

Change-Id: I9b4b155c4a720b27120428ea995833c426a65fef

commit | commitdiff | tree

Pawin Vongmasa [Thu, 13 Oct 2016 00:59:46 +0000 (00:59 +0000)]

DO NOT MERGE - MPEG4Extractor: Check mLastTrack before dereferencing.
am: de84a76b86

Change-Id: I7bfde467167616b191ac1d75f3ea08f1ba78089b

commit | commitdiff | tree

Pawin Vongmasa [Thu, 13 Oct 2016 00:47:33 +0000 (00:47 +0000)]

Merge "DO NOT MERGE - MPEG4Extractor: Check mLastTrack before dereferencing." into klp-dev

commit | commitdiff | tree

rago [Sat, 8 Oct 2016 01:16:09 +0000 (18:16 -0700)]

Fix potential NULL dereference in Visualizer effect

Bug: 30229821

Test: fixing CL. Existing unit tests still pass.

Change-Id: I6e4abd759d5d2abc3b391e92e2e18f060cab7af0

frameworks/av

RSS Atom

About OSDN

Find Software

Develop Software

Help