From 35627b0cf253faa03b5f7e3980ae422325cc22f4 Mon Sep 17 00:00:00 2001 From: rago Date: Tue, 29 Nov 2016 10:29:39 -0800 Subject: Fix security vulnerability: potential OOB write in audioserver Bug: 32705438 Bug: 32703959 Test: cts security test Change-Id: I920a74cb0a809c623ddf802f3d2808f0f1bd537c (cherry picked from commit 3f9a6d3bd97966999fa35b9423b8c0042c8198b3) (cherry picked from commit 8a1906a6b573af10cb6a5f0424f0dbe787280f95) --- include/hardware/audio_effect.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/hardware/audio_effect.h b/include/hardware/audio_effect.h index 41cd2e6..854f0c1 100644 --- a/include/hardware/audio_effect.h +++ b/include/hardware/audio_effect.h @@ -896,6 +896,9 @@ typedef struct effect_param_s { char data[]; // Start of Parameter + Value data } effect_param_t; +// Maximum effect_param_t size +#define EFFECT_PARAM_SIZE_MAX 65536 + // structure used by EFFECT_CMD_OFFLOAD command typedef struct effect_offload_param_s { bool isOffload; // true if the playback thread the effect is attached to is offloaded -- cgit v1.1