From 8dde7269a5356503d2b283234b6cb46d0c3f214e Mon Sep 17 00:00:00 2001
From: Wei Jia <wjia@google.com>
Date: Mon, 28 Sep 2015 11:32:23 -0700
Subject: OMX: allow only secure codec to remotely call allocateBuffer.

Bug: 24310423
Change-Id: Iebcfc58b447f925ec2134898060af2ef227266a3
---
 media/libmedia/IOMX.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'media/libmedia/IOMX.cpp')

diff --git a/media/libmedia/IOMX.cpp b/media/libmedia/IOMX.cpp
index 16da65e..5423c2a 100644
--- a/media/libmedia/IOMX.cpp
+++ b/media/libmedia/IOMX.cpp
@@ -963,6 +963,12 @@ status_t BnOMX::onTransact(
 
             node_id node = (node_id)data.readInt32();
             OMX_U32 port_index = data.readInt32();
+            if (!isSecure(node) || port_index != 0 /* kPortIndexInput */) {
+                ALOGE("b/24310423");
+                reply->writeInt32(INVALID_OPERATION);
+                return NO_ERROR;
+            }
+
             size_t size = data.readInt64();
 
             buffer_id buffer;
-- 
cgit v1.1