fc2d5e2448e0973e43a073c2a5865b7538c28720 - fp2-dev/platform/cts

commit	fc2d5e2448e0973e43a073c2a5865b7538c28720	[log] [tgz]
author	jjwong <jj.wong@hi-p.com>	Wed Apr 13 15:32:43 2016 +0800
committer	jjwong <jj.wong@hi-p.com>	Wed Apr 13 15:32:43 2016 +0800
tree	8c592b9f2a0523f072c8842ba939df413c8f4659
parent	477edf411f18b54d5ea7ae7aa8ceb643a48cc2e1 [diff]

FPII-1886:CR:935198-Several information exposure vulnerabilities in Mediaserver can permit a bypass of security checks.

1. Made changes to clear config before reading it from parcel in IAudioFlinger
2. Added initialization of variables and ensure no info leak when writing them to Parcel.
3. Added initialization of local variables to avoid data leak
Files affected
media/libmedia/IAudioFlinger.cpp
media/libmedia/IAudioPolicyService.cpp
Bug: 23540907
Change-Id:Ie8eb867ffc52251446e12b712cb28ddc95429fcd

tests/tests/security/jni/Android.mk[diff]
tests/tests/security/jni/CtsSecurityJniOnLoad.cpp[diff]
tests/tests/security/jni/android_security_cts_AudioEffectBinderTest.cpp[Added - diff]
tests/tests/security/src/android/security/cts/AudioEffectBinderTest.java[Added - diff]

4 files changed

tree: 8c592b9f2a0523f072c8842ba939df413c8f4659

apps/
build/
common/
development/
hostsidetests/
libs/
suite/
tests/
tools/
.gitignore
Android.mk
CleanSpec.mk
CtsBuild.mk
CtsCoverage.mk
CtsTestCaseList.mk