diff options
| author | Kenny Root <kroot@google.com> | 2012-05-10 10:21:06 -0700 |
|---|---|---|
| committer | Kenny Root <kroot@google.com> | 2012-05-10 11:48:21 -0700 |
| commit | 103d53005e7a3c2735f4ac76fa9b795a7e7e39d7 (patch) | |
| tree | da5b4a423467f932654ca2db1494bd9e34210f58 /packages/DefaultContainerService/src/com | |
| parent | a25079e6bafcfd77135a852f0e838738d80606ef (diff) | |
| download | frameworks_base-103d53005e7a3c2735f4ac76fa9b795a7e7e39d7.zip frameworks_base-103d53005e7a3c2735f4ac76fa9b795a7e7e39d7.tar.gz frameworks_base-103d53005e7a3c2735f4ac76fa9b795a7e7e39d7.tar.bz2 | |
Use long instead of int for file offsets
Use long instead of int so we don't run into a 2GB file limit.
Fix possible overflows in offset and length.
Change-Id: Idb3a34f5600f9c2372b9c89256f21757049fa43b
Diffstat (limited to 'packages/DefaultContainerService/src/com')
| -rw-r--r-- | packages/DefaultContainerService/src/com/android/defcontainer/DefaultContainerService.java | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/packages/DefaultContainerService/src/com/android/defcontainer/DefaultContainerService.java b/packages/DefaultContainerService/src/com/android/defcontainer/DefaultContainerService.java index 17e5f4e..3b87b96 100644 --- a/packages/DefaultContainerService/src/com/android/defcontainer/DefaultContainerService.java +++ b/packages/DefaultContainerService/src/com/android/defcontainer/DefaultContainerService.java @@ -473,6 +473,8 @@ public class DefaultContainerService extends IntentService { } private static class ApkContainer { + private static final int MAX_AUTHENTICATED_DATA_SIZE = 16384; + private final InputStream mInStream; private MacAuthenticatedInputStream mAuthenticatedStream; @@ -540,26 +542,35 @@ public class DefaultContainerService extends IntentService { throw new IOException(e); } - final int encStart = encryptionParams.getEncryptedDataStart(); - final int end = encryptionParams.getDataEnd(); + final long encStart = encryptionParams.getEncryptedDataStart(); + final long end = encryptionParams.getDataEnd(); if (end < encStart) { throw new IOException("end <= encStart"); } final Mac mac = getMacInstance(encryptionParams); if (mac != null) { - final int macStart = encryptionParams.getAuthenticatedDataStart(); + final long macStart = encryptionParams.getAuthenticatedDataStart(); + if (macStart >= Integer.MAX_VALUE) { + throw new IOException("macStart >= Integer.MAX_VALUE"); + } - final int furtherOffset; + final long furtherOffset; if (macStart >= 0 && encStart >= 0 && macStart < encStart) { /* * If there is authenticated data at the beginning, read * that into our MAC first. */ - final int authenticatedLength = encStart - macStart; - final byte[] authenticatedData = new byte[authenticatedLength]; + final long authenticatedLengthLong = encStart - macStart; + if (authenticatedLengthLong > MAX_AUTHENTICATED_DATA_SIZE) { + throw new IOException("authenticated data is too long"); + } + final int authenticatedLength = (int) authenticatedLengthLong; + + final byte[] authenticatedData = new byte[(int) authenticatedLength]; - Streams.readFully(inStream, authenticatedData, macStart, authenticatedLength); + Streams.readFully(inStream, authenticatedData, (int) macStart, + authenticatedLength); mac.update(authenticatedData, 0, authenticatedLength); furtherOffset = 0; |