| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Even though storing metadata is not supported in MediaCodec.configure and
is only meant to be used by Stagefright recorder, don't fail configure.
Bug: 31986922
Change-Id: Id9f083be6e857e7a0d8d4a74159be5b8894e28be
(cherry picked from commit ae52fd383a43ac239f459078fd003ce8ac2efb55)
|
|
|
|
|
|
|
|
|
| |
The component might depends on their buffers to be initialized
in certain ways to work. Don't clear unless we're allocating it.
bug: 31586647
Change-Id: Ia0a125797e414998ef0cd8ce03672f5b1e0bbf7a
(cherry picked from commit ea76573aa276f51950007217a97903c4fe64f685)
|
|
|
|
|
|
|
|
|
| |
This was disallowed recently but we still use it as MediaCodcec.stop
only goes to loaded state, and does not free component.
Bug: 31450460
Change-Id: I72e092e4e55c9f23b1baee3e950d76e84a5ef28d
(cherry picked from commit e03b22839d78c841ce0a1a0a1ee1960932188b0b)
|
|
|
|
|
|
|
|
|
|
| |
This is only allowed in-process (if backup and codec buffers are
connected.)
Bug: 29422020
Bug: 31412859
Change-Id: If48e3e0b6f1af99a459fdc3f6f03744bbf0dc375
(cherry picked from commit 087ff38490016f4a0b6a1e717ae8af781d9b750c)
|
|
|
|
|
|
| |
Bug: 28615448
Change-Id: I5916f6839b4a9bbee4388a106e7373bcd4154f5a
(cherry picked from commit cb898dca47ac03738db91ddc371207435d2a1526)
|
|
|
|
|
|
| |
Bug: 31091777
Change-Id: Iddf99d0011961d0fd3d755e57db4365b6a6a1193
(cherry picked from commit 03237ce0f9584c98ccda76c2474a4ae84c763f5b)
|
|
|
|
|
|
|
|
|
| |
mprotect can theoretically fail, which could then let one exploit
a vulnerable codec if one exists on the device.
Bug: 31350239
Change-Id: I7b99c190619f0fb2eb93119596e6da0d2deb8ba5
(cherry picked from commit 866c800c0624bb13eee44973cc8a2ecd0012de6e)
|
|
|
|
|
|
|
|
|
|
| |
Get strong pointer to service interface by value and not reference to
prevent race conditions where the service pointer can be cleared
by another thread while in use.
Bug: 30907212
Change-Id: Iae838b3b672562c1d0cd63968399a6bfdda7f5ab
(cherry picked from commit 28a0e9ec74e5192aacffb279c80619ef284062b0)
|
|
|
|
|
|
|
|
|
|
| |
Get strong pointer to service interface by value and not reference to
prevent race conditions where the service pointer can be cleared
by another thread while in use.
Bug: 30907212
Change-Id: I6f02ec3fd1e6392b842b334e1cc4f9aa23916009
(cherry picked from commit 3b01b3019b1c62132792a1a94e2dc1f7cfc84f2e)
|
|
|
|
|
|
| |
bug: 30875060
Change-Id: I03f4d08b7b31ac5b507cfc9e65e5607c73972d95
(cherry picked from commit 9a6861cbd3bb0e1b8fe4c105795256ee032f9664)
|
|
|
|
|
|
|
| |
Bug: 30229821
Change-Id: Idd3c1563dc9d3261e6e168e945005bf133ab2cdb
(cherry picked from commit 099ab280775946e7c36c73fde47f2ee5a2579f53)
(cherry picked from commit 46dc714d523a41a4f886eecbe5b9947a4c900510)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Prohibit direct set/getParam/Settings for extensions meant for
OMXNodeInstance alone. This disallows enabling metadata mode
without the knowledge of OMXNodeInstance.
- Do not share metadata mode buffers cross process.
- Disallow setting up metadata mode/tunneling/input surface
after first sendCommand.
- Disallow store-meta for input cross process.
- Disallow emptyBuffer for surface input (via IOMX).
- Fix checking for input surface.
Bug: 29422020
Change-Id: I801c77b80e703903f62e42d76fd2e76a34e4bc8e
(cherry picked from commit f8a4cb410115045278f534e54b41ac78d6bf6c07)
|
|
|
|
|
|
|
| |
Bug: 31155917
Bug: 30204103
Change-Id: I9a2a59ddb900fc942e7c19b31b53a110d790474c
(cherry picked from commit 282841278723166e74039329ca56e444ad472daf)
|
|
|
|
|
|
|
| |
940829f69b52d6038db66a9c727534636ecc456d.
Change-Id: I4776db4a26fb3c31bb994d48788373fe569c812a
(cherry picked from commit baa9146401e28c5acf54dea21ddd197f0d3a8fcd)
|
|
|
|
|
|
| |
Bug: 30204301
Change-Id: Ib9c3ee1c2f23c96f8f7092dd9e146bc453d7a290
(cherry picked from commit e4a1d91501d47931dbae19c47815952378787ab6)
|
|
|
|
|
|
|
|
| |
Bug: 30148546
Change-Id: I082f535a853c96571887eeea37c6d41ecee7d8c0
(cherry picked from commit bb00d8f139ff51336ab3c810d35685003949bcf8)
(cherry picked from commit ef0c91518446e65533ca8bab6726a845f27c73fd)
|
|
|
|
|
|
| |
Bug: 30204103
Change-Id: Ie0dd3568a375f1e9fed8615ad3d85184bcc99028
(cherry picked from commit ee0a0e39acdcf8f97e0d6945c31ff36a06a36e9d)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Validate lengths on strings in ID3 tags, particularly around 0.
Also added code to handle cases when we can't get memory for
copies of strings we want to extract from these tags.
Affects L/M/N/master, same patch for all of them.
Bug: 30744884
Change-Id: I2675a817a39f0927ec1f7e9f9c09f2e61020311e
Test: play mp3 file which caused a <0 length.
(cherry picked from commit d23c01546c4f82840a01a380def76ab6cae5d43f)
|
|
|
|
|
|
|
|
| |
Also prevent overflow in SoftMPEG4 and division by zero in SoftMPEG4Encoder.
Bug: 30033990
Change-Id: I7701f5fc54c2670587d122330e5dc851f64ed3c2
(cherry picked from commit 695123195034402ca76169b195069c28c30342d3)
|
|
|
|
|
|
| |
Bug: 30103394
Change-Id: If449d3e30a0bf2ebea5317f41813bfed094f7408
(cherry picked from commit 2c74a3cd5d1d66b9a35424b9c4443dafa6db5bef)
|
|
|
|
|
| |
Bug: 29421804
Change-Id: Iba1011e9af942a6dff7f659af769a51e3f5ba66f
|
|
|
|
| |
Change-Id: I48ba34b3df9c9a896d4b18c3f48e41744b7dab54
|
|
|
|
| |
Change-Id: I96a9c437eec53a285ac96794cc1ad0c8954b27e0
|
|
|
|
|
|
| |
Bug: 29250543
Change-Id: I3518416e89ed901021970958fb6005fd69129f7c
(cherry picked from commit 1d3f4278b2666d1a145af2f54782c993aa07d1d9)
|
|
|
|
| |
Change-Id: I9bb8c659d3fc97a8e748451d82d0f3448faa242b
|
|
|
|
|
| |
Bug: 29421675
Change-Id: I25d4cf54a5df22c2130c37e95c7c7f75063111f3
|
|
|
|
|
| |
Bug: 29421811
Change-Id: I0a73ba12bae4122f1d89fc92e5ea4f6a96cd1ed1
|
|
|
|
|
|
|
|
|
|
| |
change unbound sprintf() to snprintf() so network-provided values
can't overflow the buffers.
Applicable to all K/L/M/N branches.
Bug: 25747670
Change-Id: Id6a5120c2d08a6fbbd47deffb680ecf82015f4f6
|
|
|
|
|
|
|
|
| |
Additionally, remove use of variable length array which is
non-standard in C++.
Bug: 29161888
Change-Id: Ifdc3e7435f2225214c053b13f3bfe71c7d0ff506
|
|
|
|
|
| |
Bug: 29422022
Change-Id: I70c9e33269d16bf8c163815706ac24e18e34fe97
|
|
|
|
|
|
|
|
|
|
| |
Impose a restriction of 200MiB for tables in stsc, stts, ctts and stss
boxes. Also change mTimeToSample from Vector to array.
Bug: 29367429
Change-Id: I953bea9fe0590268cf27376740f582dc88563d42
Merge conflict resolution of ag/1170200 to mnc-mr2-release
|
|
|
|
|
|
|
|
| |
Subtract address of a random static object from pointers being routed
through app process.
Bug: 28466701
Change-Id: Idcbfe81e9507433769672f3dc6d67db5eeed4e04
|
|
|
|
|
| |
Bug: 28816827
Change-Id: I3d5bad4a1ef96dec544b05bb31cc6f7109aae0a5
|
|
|
|
|
| |
Bug: 29251553
Change-Id: I1bcc1281f1f0542bb645f6358ce31631f2a8ffbf
|
|
|
|
|
|
|
|
| |
Exit for error in allocation and unsupported resolutions
Bug: 28816956
Change-Id: Ieb830bedeb3a7431d1d21a024927df630f7eda1e
|
|
|
|
|
|
|
| |
because they may end up pointing to NULL after a NULL check was performed.
Bug: 28166152
Change-Id: Iab2ea30395b620628cc6f3d067dd4f6fcda824fe
|
|
|
|
|
| |
Bug: 29153599
Change-Id: I1cb81c054098b86cf24f024f8479909ca7bc85a6
|
|
|
|
|
| |
Bug: 28533562
Change-Id: I798ab24caa4c81f3ba564cad7c9ee019284fb702
|
|
|
|
|
|
| |
Change-Id: I336cb003fb7f50fd7d95c30ca47e45530a7ad503
(cherry picked from commit 33f6da1092834f1e4be199cfa3b6310d66b521c0)
(cherry picked from commit bb3a0338b58fafb01ac5b34efc450b80747e71e4)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
track.
GenericSource: return error when no track exists.
SampleIterator: make sure mSamplesPerChunk is not zero before using it as divisor.
Bug: 21657957
Bug: 23705695
Bug: 22802344
Bug: 28799341
Change-Id: I7664992ade90b935d3f255dcd43ecc2898f30b04
(cherry picked from commit 0386c91b8a910a134e5898ffa924c1b6c7560b13)
|
|
|
|
|
|
|
|
|
|
| |
Limit mediaserver using rlimit, to prevent it from bringing down the system
via the low memory killer.
Default max is 65% of total RAM, but can be customized via system property.
Bug: 28471206
Bug: 28615448
Change-Id: Ic84137435d1ef0a6883e9789a4b4f399e4283f05
|
|
|
|
|
| |
Bug: 28471206
Change-Id: Id5d055d76893d6f53a2e524ff5f282d1ddca3345
|
|
|
|
|
| |
bug: 28175045
Change-Id: Icee6c7eb5b761da4aa3e412fb71825508d74d38f
|
|
|
|
|
|
|
|
| |
Report MEMORY_ALLOCATION_ERROR if pStorage->picSizeInMbs would
exceed UINT32_MAX bytes.
Bug: 28532266
Change-Id: Ia6f11efb18818afcdb5fa2a38a14f2a2d8c8447a
|
|
|
|
|
| |
Bug: 28377502
Change-Id: Iad5ebfb0a9ef89f09755bb332579dbd3534f9c98
|
|
|
|
|
| |
Bug: 28333006
Change-Id: Ief7a2da848face78f0edde21e2f2009316076679
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
28076789.
Detail: Before the original fix
(Id207f369ab7b27787d83f5d8fc48dc53ed9fcdc9) for 28076789, the
code allowed a time-to-sample table size to be 0. The change
made in that fix disallowed such situation, which in fact should
be allowed. This current patch allows it again while maintaining
the security of the previous fix.
Bug: 28288202
Bug: 28076789
Change-Id: I1c9a60c7f0cfcbd3d908f24998dde15d5136a295
|
|
|
|
| |
Change-Id: I079d1db2d30d126f8aed348bd62451acf741037d
|
|
|
|
|
| |
Bug: 27855419
Change-Id: Idabedca52913ec31ea5cb6a6109ab94e3fb2badd
|
|
|
|
|
|
| |
Bug: 27833616
Change-Id: Ic4045a3f56f53b08d0b1264b2a91b8f43e91b738
(cherry picked from commit 87fdee0bc9e3ac4d2a88ef0a8e150cfdf08c161d)
|