summaryrefslogtreecommitdiffstats
path: root/media/libstagefright/id3
Commit message (Collapse)AuthorAgeFilesLines
* DO NOT MERGE: defensive parsing of mp3 album art informationRay Essick2017-01-131-17/+39
| | | | | | | | | | | | | | | | several points in stagefrights mp3 album art code used strlen() to parse user-supplied strings that may be unterminated, resulting in reading beyond the end of a buffer. This changes the code to use strnlen() for 8-bit encodings and strengthens the parsing of 16-bit encodings similarly. It also reworks how we watch for the end-of-buffer to avoid all over-reads. Bug: 32377688 Test: crafted mp3's w/ good/bad cover art. See what showed in play music Change-Id: Ia9f526d71b21ef6a61acacf616b573753cd21df6 (cherry picked from commit fa0806b594e98f1aed3ebcfc6a801b4c0056f9eb) (cherry picked from commit 7a3246b870ddd11861eda2ab458b11d723c7f62c)
* Merge tag 'android-6.0.1_r72' into HEADJessica Wagantall2016-10-061-15/+42
|\ | | | | | | | | | | Android 6.0.1 Release 72 (M4B30X) Change-Id: I617426a3fbf7a8d013c5be838ad4c80a00b61a5f
| * better validation lengths of strings in ID3 tagsRay Essick2016-08-261-15/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | Validate lengths on strings in ID3 tags, particularly around 0. Also added code to handle cases when we can't get memory for copies of strings we want to extract from these tags. Affects L/M/N/master, same patch for all of them. Bug: 30744884 Change-Id: I2675a817a39f0927ec1f7e9f9c09f2e61020311e Test: play mp3 file which caused a <0 length. (cherry picked from commit d23c01546c4f82840a01a380def76ab6cae5d43f)
* | Prevent integer underflows in ID3::IteratorJoshua J. Drake2016-03-221-0/+8
| | | | | | | | | | | | | | | | | | | | | | If mFrameSize is less than or equal to getHeaderLength(), an integer underflow will occur. This typically leads to a crash reading out of bounds in the following code. Prevent this from happening by validating mFrameSize. Also add NULL checks after references to ID3::Iterator::getData. Bug: 23285887 Change-Id: I35eeda3c5349ebbd9ffb3ea49b79af6a940d1395
* | Merge tag 'android-6.0.0_r26' into cm-13.0Ricardo Cerqueira2015-11-051-2/+19
|\ \ | |/ | | | | | | | | Android 6.0.0 release 26 Change-Id: I8a57007bf6efcd8b95c3cebf5e0444345bdd4cda
| * ID3: check possible integer overflow for extendedHeaderSize and paddingSize.Wei Jia2015-10-051-2/+19
| | | | | | | | | | Bug: 24623447 Change-Id: Ifbc74454d6e28ad7136efe35ab638a07e46398b1
* | stagefright: handle zero size field in ID3v2 headerYamit Mehta2015-10-061-2/+3
|/ | | | | | | | Specific clip contains corrupt ID3v2 header where size field is zero. This corner case isn't handled properly and leads to crash. Change-Id: Ic7e97b9de84b0cb3ce3716db95ab05f8f0db336f CRs-Fixed: 815025
* am fa11fd5b: resolved conflicts for merge of 327afffb to lmp-mr1-ub-devRobert Shih2015-08-241-1/+16
|\ | | | | | | | | * commit 'fa11fd5bb2e9c5e00f7fecbbe76c279193182cee': Prevent integer issues in ID3::Iterator::findFrame
| * resolved conflicts for merge of 327afffb to lmp-mr1-ub-devRobert Shih2015-08-241-1/+16
| |\ | | | | | | | | | Change-Id: I6c1369f05bbeb83e2152b8dae35f7a53328f7239
| | * am eecc406f: am 3b42241a: Merge "Prevent integer issues in ↵Robert Shih2015-08-221-2/+21
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | ID3::Iterator::findFrame" into klp-dev * commit 'eecc406f462ef2b3a73cd6bf3c05f7cb45382276': Prevent integer issues in ID3::Iterator::findFrame
| | | * am 3b42241a: Merge "Prevent integer issues in ID3::Iterator::findFrame" into ↵Robert Shih2015-08-221-2/+21
| | | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | klp-dev * commit '3b42241aab5855964d1bd60268ae21c2d9cc6065': Prevent integer issues in ID3::Iterator::findFrame
| | | | * Prevent integer issues in ID3::Iterator::findFrameJoshua J. Drake2015-08-211-2/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Integer overflows could occur a few places within findFrame. These can lead to out-of-bounds reads and potentially infinite loops. Ensure that arithmetic does not wrap around to prevent these behaviors. Bug: 23285192 Change-Id: I72a61df7d5719d1d3f2bd0b37fba86f0f4bbedee
* | | | | am 0cc0d158: am 06682f94: am 48bdf782: am 00887af1: am e9a8362e: am ↵Neel Mehta2015-08-201-1/+1
|\ \ \ \ \ | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | a2a68264: am c37f7f6f: Fix for memory corruption in ID3::removeUnsynchronizationV2_4(). Bug: 23227354 * commit '0cc0d158694b20f210ba4ad41fe4adc5bda57402': Fix for memory corruption in ID3::removeUnsynchronizationV2_4(). Bug: 23227354
| * | | | am 06682f94: am 48bdf782: am 00887af1: am e9a8362e: am a2a68264: am ↵Neel Mehta2015-08-201-1/+1
| |\ \ \ \ | | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | c37f7f6f: Fix for memory corruption in ID3::removeUnsynchronizationV2_4(). Bug: 23227354 * commit '06682f94d84f97df0d826f9b15d4c2e861ba4045': Fix for memory corruption in ID3::removeUnsynchronizationV2_4(). Bug: 23227354
| | * | | am a2a68264: am c37f7f6f: Fix for memory corruption in ↵Neel Mehta2015-08-181-1/+1
| | |\ \ \ | | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | ID3::removeUnsynchronizationV2_4(). Bug: 23227354 * commit 'a2a6826494dec4a8fab6bd6828828fae886e516a': Fix for memory corruption in ID3::removeUnsynchronizationV2_4(). Bug: 23227354
| | | * | am c37f7f6f: Fix for memory corruption in ↵Neel Mehta2015-08-181-1/+1
| | | |\ \ | | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | ID3::removeUnsynchronizationV2_4(). Bug: 23227354 * commit 'c37f7f6fa0cb7f55cdc5b2d4ccbf2c87c3bc6c3b': Fix for memory corruption in ID3::removeUnsynchronizationV2_4(). Bug: 23227354
| | | | * Fix for memory corruption in ID3::removeUnsynchronizationV2_4().Neel Mehta2015-08-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug: 23227354 Change-Id: Iaa36cfda4fd84ca7e039f56086fd61b4118020db (cherry picked from commit 77e23413a539df16503e356bd4df4a952f3abc47)
| * | | | am f153ecd2: am 91c71293: am 91fc84f2: am de5c4c46: am 43131299: am ↵Wei Jia2015-08-201-0/+3
| |\ \ \ \ | | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | 1a09d352: Merge "libstagefright: check remaining data size before parsing it." into klp-dev * commit 'f153ecd2c1b503a404bbb7d1db0fcc19b7bcda0e': libstagefright: check remaining data size before parsing it.
| | * | | am 43131299: am 1a09d352: Merge "libstagefright: check remaining data size ↵Wei Jia2015-08-181-0/+3
| | |\ \ \ | | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | before parsing it." into klp-dev * commit '431312997856ce689e683ee0639cf1f4bedab7f0': libstagefright: check remaining data size before parsing it.
| | | * | am 1a09d352: Merge "libstagefright: check remaining data size before parsing ↵Wei Jia2015-08-181-0/+3
| | | |\ \ | | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | it." into klp-dev * commit '1a09d3521e8849dcb1090ecb50393f6e9ee140ec': libstagefright: check remaining data size before parsing it.
| | | | * libstagefright: check remaining data size before parsing it.Wei Jia2015-08-171-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug: 23248776 Change-Id: I45cf53e58e4375afcf260b122264c968ec0ff6c8 (cherry picked from commit 3bf1e0fdf27e1188b8d3574ed073595b8eacb114)
| * | | | am f66b81e7: am f22da1cf: am d7146ce7: am 3bb658ac: am 4e86a483: am ↵Wei Jia2015-08-131-2/+5
| |\ \ \ \ | | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | f51115bd: libstagefright: fix possible overflow in ID3. * commit 'f66b81e7c05f62105e7a8deefeaf395b28cb4bb3': libstagefright: fix possible overflow in ID3.
| | * | | am 4e86a483: am f51115bd: libstagefright: fix possible overflow in ID3.Wei Jia2015-08-131-2/+5
| | |\ \ \ | | | |/ / | | | | | | | | | | | | | | | * commit '4e86a483a12b0139a8babf4754e5de340eaccd40': libstagefright: fix possible overflow in ID3.
| | | * | am f51115bd: libstagefright: fix possible overflow in ID3.Wei Jia2015-08-131-2/+5
| | | |\ \ | | | | |/ | | | | | | | | | | | | | | | * commit 'f51115bd8e44c2779b74477277c6f6046916e7cf': libstagefright: fix possible overflow in ID3.
| | | | * libstagefright: fix possible overflow in ID3.Wei Jia2015-08-121-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug: 23129786 Change-Id: I2e6b7a6927aa4362ab49dd6824bbb1abf7b4e661 (cherry picked from commit 09da86913ca97d7a818a8917b6601527e5e18a24)
* | | | | libstagefright: check remaining data size before parsing it.Wei Jia2015-08-161-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | Bug: 23248776 Change-Id: I45cf53e58e4375afcf260b122264c968ec0ff6c8
* | | | | libstagefright: fix possible overflow in ID3.Wei Jia2015-08-121-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | Bug: 23129786 Change-Id: I2e6b7a6927aa4362ab49dd6824bbb1abf7b4e661
* | | | | am 48192b84: am 0625841d: am dfaea255: am 578d5b66: am 171b5fad: am ↵Marco Nelissen2015-08-071-0/+6
|\ \ \ \ \ | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | d6ea7f65: am f26400c9: Fix crash on malformed id3 * commit '48192b84db39879e7d83a2f4e7023048fb81ee8e': Fix crash on malformed id3
| * | | | am 0625841d: am dfaea255: am 578d5b66: am 171b5fad: am d6ea7f65: am ↵Marco Nelissen2015-08-071-0/+6
| |\ \ \ \ | | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | f26400c9: Fix crash on malformed id3 * commit '0625841daae5bb1351034909ce705aab517eea2d': Fix crash on malformed id3
| | * | | am d6ea7f65: am f26400c9: Fix crash on malformed id3Marco Nelissen2015-08-071-0/+6
| | |\ \ \ | | | |/ / | | | | | | | | | | | | | | | * commit 'd6ea7f65dd31d5dacf497cc3c494d4fa3910f7c3': Fix crash on malformed id3
| | | * | am f26400c9: Fix crash on malformed id3Marco Nelissen2015-08-071-0/+6
| | | |\ \ | | | | |/ | | | | | | | | | | | | | | | * commit 'f26400c9d01a0e2f71690d5ebc644270f098d590': Fix crash on malformed id3
| | | | * Fix crash on malformed id3Marco Nelissen2015-08-041-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | Bug: 22954006 Change-Id: I488cb1e2c69fc7043b6040481b30fa866000515d
| * | | | Fix id3 parser crashMarco Nelissen2015-01-151-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | Bug: 18872896 Change-Id: I953f58f35a76590701234d5707e060499acfc069
* | | | | stagefright: make more warnings errorsLajos Molnar2015-04-171-2/+2
| | | | | | | | | | | | | | | | | | | | Change-Id: I9b1ad60fbfb866dbf9c00843e06553c3eb25c113
* | | | | stagefright: warnings be gone, some are now errors, use clangLajos Molnar2015-04-171-0/+2
| | | | | | | | | | | | | | | | | | | | Change-Id: I81f438ae444f04c12ae27ae4ef6d073033de172c
* | | | | Fix id3 parser crashMarco Nelissen2015-01-151-2/+9
|/ / / / | | | | | | | | | | | | | | | | Bug: 18872896 Change-Id: I953f58f35a76590701234d5707e060499acfc069
* | | | Stagefright: Fix unused variables, functions, valuesAndreas Gampe2014-11-251-1/+1
|/ / / | | | | | | | | | | | | | | | | | | For build-system CFLAGS clean-up, remove unused functions and variables. Change-Id: Ic3dee56b589ea9a693efa1d72ba394036efff168
* | | libstagefright: fix 64-bit warningsColin Cross2014-03-191-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | %lld -> %" PRId64 " for int64_t %d -> %zu for size_t Also fixes some casts from void* to integer types, and some comparisons between signed and unsigned. Change-Id: I9c52f76240e39399da252c66459042a6fc626a90
* | | Merge commit 'c250980f' into manualmergeGlenn Kasten2014-03-191-2/+0
|\ \ \ | | | | | | | | | | | | Change-Id: I254d456e8cb6c580dd77d602b391bed09110454e
| * | | libstagefright is no longer 32 bit only.Narayan Kamath2014-03-191-2/+0
| | | | | | | | | | | | | | | | Change-Id: I88d5fcfc005a2c2acd0246cdd9c08b6c00b6c39b Signed-off-by: Glenn Kasten <gkasten@android.com>
* | | | am 098b28fc: am 64727dd7: Merge "More precise 32-bit only for ↵Glenn Kasten2014-03-181-0/+2
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | libstagefright/ subdirectories" * commit '098b28fc88b3d96eada2f9db318d9c38c70cf674': More precise 32-bit only for libstagefright/ subdirectories
| * | | More precise 32-bit only for libstagefright/ subdirectoriesGlenn Kasten2014-03-171-0/+2
| | | | | | | | | | | | | | | | Change-Id: Ie4e8f9ccd834b902287d3452cc9fa739809ddb68
* | | | warnings be gone.Andreas Huber2014-02-111-0/+4
| | | | | | | | | | | | | | | | Change-Id: Ie3bae3f037730e316d7fca12e7a3527973f752ef
* | | | resolved conflicts for merge of 566be7c3 to masterNarayan Kamath2014-02-111-2/+2
|\ \ \ \ | |/ / / | | | | | | | | Change-Id: I7b1cc71057b2bd4f771e7bcf508a8c3abd6017ce
| * | | Make frameworks/av 64-bit compatibleKévin PETIT2014-02-111-2/+2
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Contains the necessary changes to make frameworks/av build and work on a 64-bit machine. Signed-off-by: Craig Barber <craig.barber@arm.com> Signed-off-by: Kévin PETIT <kevin.petit@arm.com> Signed-off-by: Ashok Bhat <ashok.bhat@arm.com> Signed-off-by: Marcus Oakland <marcus.oakland@arm.com> Change-Id: I725feaae50ed8eee25ca2c947cf15aee1f395c43
* | | am 6146f60c: am 319c5640: am 07a017d3: Merge "Added support for ID3v2 meta ↵Marco Nelissen2014-01-171-6/+6
|\ \ \ | |/ / | | | | | | | | | | | | | | | data in 3gp files" * commit '6146f60c87a8a9c66036325c66dea826d2e98f6f': Added support for ID3v2 meta data in 3gp files
| * | Added support for ID3v2 meta data in 3gp filesOscar Rydhé2014-01-161-6/+6
| |/ | | | | | | | | | | | | | | Added support for parsing ID3v2 meta data from the ID32 chunk in 3gp files. The priority will be 3gpp -> ID3v2 -> iTunes per field. Change-Id: I0282ecab58e3e5fa6bd738078d562c8bb8ce00ed
* | Better character set encoding detectionMarco Nelissen2013-12-111-50/+29
|/ | | | | | | | | | Id3 tags are supposed to be ISO-8859-1 or unicode, but often aren't. To better detect the real encoding we now use ICU to detect possible encodings for a given byte sequence, then apply additional heuristics to determine the most likely one. b/5564857 Change-Id: I53bc83b006433da5c2f2ccfcd770ddb3a26b64d0
* Speed up id3v2 unsynchronizationMarco Nelissen2013-06-171-5/+10
| | | | | | | | | | Instead of doing many overlapping memmoves, do a single copy pass that skips over the inserted unsynchronization bytes. For some files this reduces parsing time from minutes to milliseconds. b/9463262 Change-Id: I735b7051e77a093d86fb7a3e46209875946225ed
* New HLS implementation supporting independent stream sources, audio-only streamsAndreas Huber2013-05-311-2/+46
| | | | | | and more. Change-Id: Icfc45a0100243b2f7a14a9e65696be45b67d6495
generated by cgit v1.1 at 2024-05-14 04:43:12 +0000