diff options
| author | Neel Mehta <nmehta@google.com> | 2015-08-18 13:36:33 +0000 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2015-08-18 13:36:33 +0000 |
| commit | a2a6826494dec4a8fab6bd6828828fae886e516a (patch) | |
| tree | 3f90c877667c833507a014502693a0931f70ccbd /media/libstagefright/id3/ID3.cpp | |
| parent | 073a656d7dd0b432e7c8d508745d9fb552955b9e (diff) | |
| parent | c37f7f6fa0cb7f55cdc5b2d4ccbf2c87c3bc6c3b (diff) | |
| download | frameworks_av-a2a6826494dec4a8fab6bd6828828fae886e516a.zip frameworks_av-a2a6826494dec4a8fab6bd6828828fae886e516a.tar.gz frameworks_av-a2a6826494dec4a8fab6bd6828828fae886e516a.tar.bz2 | |
am c37f7f6f: Fix for memory corruption in ID3::removeUnsynchronizationV2_4(). Bug: 23227354
* commit 'c37f7f6fa0cb7f55cdc5b2d4ccbf2c87c3bc6c3b':
Fix for memory corruption in ID3::removeUnsynchronizationV2_4(). Bug: 23227354
Diffstat (limited to 'media/libstagefright/id3/ID3.cpp')
| -rw-r--r-- | media/libstagefright/id3/ID3.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/media/libstagefright/id3/ID3.cpp b/media/libstagefright/id3/ID3.cpp index 2a139b3..8dcecbb 100644 --- a/media/libstagefright/id3/ID3.cpp +++ b/media/libstagefright/id3/ID3.cpp @@ -349,7 +349,7 @@ bool ID3::removeUnsynchronizationV2_4(bool iTunesHack) { if (flags & 1) { // Strip data length indicator - if (mSize < 14 || mSize - 14 < offset) { + if (mSize < 14 || mSize - 14 < offset || dataSize < 4) { return false; } memmove(&mData[offset + 10], &mData[offset + 14], mSize - offset - 14); |