From 196863d27407e23c69debdd061df58ce8fe76c20 Mon Sep 17 00:00:00 2001
From: Gloria Wang <gwang@google.com>
Date: Mon, 22 Feb 2010 15:56:21 -0800
Subject: Fix for the safty check. It checks that nFir21 + jNpoints <=
 BUF_SIZE,  but when it calls GetByteArrayRegion, it multiplies it by 2 which 
 defeats the "// safety first" check at the beginning.

---
 media/jni/android_media_ResampleInputStream.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'media')

diff --git a/media/jni/android_media_ResampleInputStream.cpp b/media/jni/android_media_ResampleInputStream.cpp
index f248557..d965d9a 100644
--- a/media/jni/android_media_ResampleInputStream.cpp
+++ b/media/jni/android_media_ResampleInputStream.cpp
@@ -92,7 +92,7 @@ static void android_media_ResampleInputStream_fir21(JNIEnv *env, jclass clazz,
          jint jNpoints) {
     
     // safety first!
-    if (nFir21 + jNpoints > BUF_SIZE) {
+    if (nFir21 + jNpoints * 2 > BUF_SIZE) {
         throwException(env, "java/lang/IllegalArgumentException",
                 "FIR+data too long %d", nFir21 + jNpoints);
         return;
-- 
cgit v1.1