Merge "Check for crypto size overflow"

6 years ago · 0f94463362
parent 46f11bd304 62e83c9512
commit 0f94463362
1 changed files with 8 additions and 2 deletions
--- a/media/libmediaplayerservice/nuplayer/NuPlayerDrm.cpp
+++ b/media/libmediaplayerservice/nuplayer/NuPlayerDrm.cpp
@ -239,8 +239,14 @@ NuPlayerDrm::CryptoInfo *NuPlayerDrm::makeCryptoInfo(
        size_t *encryptedbytes)
 {
    // size needed to store all the crypto data
-    size_t cryptosize = sizeof(CryptoInfo) +
-                        sizeof(CryptoPlugin::SubSample) * numSubSamples;
+    size_t cryptosize;
+    // sizeof(CryptoInfo) + sizeof(CryptoPlugin::SubSample) * numSubSamples;
+    if (__builtin_mul_overflow(sizeof(CryptoPlugin::SubSample), numSubSamples, &cryptosize) ||
+            __builtin_add_overflow(cryptosize, sizeof(CryptoInfo), &cryptosize)) {
+        ALOGE("crypto size overflow");
+        return NULL;
+    }
+
    CryptoInfo *ret = (CryptoInfo*) malloc(cryptosize);
    if (ret == NULL) {
        ALOGE("couldn't allocate %zu bytes", cryptosize);