diff options
| author | rago <rago@google.com> | 2016-11-29 10:29:39 -0800 |
|---|---|---|
| committer | Brinly Taylor <brinly@brinly.me> | 2017-03-13 04:53:31 +0000 |
| commit | 35627b0cf253faa03b5f7e3980ae422325cc22f4 (patch) | |
| tree | b422bcd7e8a72403dec6ef83bb64dedcf306a9f7 | |
| parent | aef9ca32a15017c4a2e2ed9ad6daa2446a6ec862 (diff) | |
| download | hardware_libhardware-35627b0cf253faa03b5f7e3980ae422325cc22f4.zip hardware_libhardware-35627b0cf253faa03b5f7e3980ae422325cc22f4.tar.gz hardware_libhardware-35627b0cf253faa03b5f7e3980ae422325cc22f4.tar.bz2 | |
Fix security vulnerability: potential OOB write in audioserver
Bug: 32705438
Bug: 32703959
Test: cts security test
Change-Id: I920a74cb0a809c623ddf802f3d2808f0f1bd537c
(cherry picked from commit 3f9a6d3bd97966999fa35b9423b8c0042c8198b3)
(cherry picked from commit 8a1906a6b573af10cb6a5f0424f0dbe787280f95)
| -rw-r--r-- | include/hardware/audio_effect.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/include/hardware/audio_effect.h b/include/hardware/audio_effect.h index 41cd2e6..854f0c1 100644 --- a/include/hardware/audio_effect.h +++ b/include/hardware/audio_effect.h @@ -896,6 +896,9 @@ typedef struct effect_param_s { char data[]; // Start of Parameter + Value data } effect_param_t; +// Maximum effect_param_t size +#define EFFECT_PARAM_SIZE_MAX 65536 + // structure used by EFFECT_CMD_OFFLOAD command typedef struct effect_offload_param_s { bool isOffload; // true if the playback thread the effect is attached to is offloaded |