FPII-2800 :Remote code execution vulnerability in Framesequence library CVE-2017-0478 A-33718716 Handle small sized webps correctly bug:33718716 Change-Id: I54d63d54c7057828dfca1ab4ef47a44760e94ece (cherry picked from commit 88a377408b394cad10f40f2d1b731e97ce06f0a3)

commit: 44f9c61ab5f3aa8f7f1fb0d1a586981b07a7c212 [log] [tgz]
author: Chris Craik <ccraik@google.com> Tue Jan 10 15:09:08 2017 -0800
committer: Jeron Susan <jeron.susan@hi-p.com> Fri Feb 17 11:36:59 2017 +0800
tree: bb06d6f52fb48a9be1f0bc6280c6f471dc447a5a
parent: ed6832ea349041e0813ebda322405e9bf48e873e [diff]
diff --git a/framesequence/jni/FrameSequence_webp.cpp b/framesequence/jni/FrameSequence_webp.cpp
index 7ffb350..375de79 100644
--- a/framesequence/jni/FrameSequence_webp.cpp
+++ b/framesequence/jni/FrameSequence_webp.cpp

@@ -99,6 +99,10 @@
         return;
     }
     mData.size = CHUNK_HEADER_SIZE + readSize;
+    if(mData.size < RIFF_HEADER_SIZE) {
+        ALOGE("WebP file malformed");
+        return;
+    }
     mData.bytes = new uint8_t[mData.size];
     memcpy((void*)mData.bytes, riff_header, RIFF_HEADER_SIZE);
commit	44f9c61ab5f3aa8f7f1fb0d1a586981b07a7c212	[log] [tgz]
author	Chris Craik <ccraik@google.com>	Tue Jan 10 15:09:08 2017 -0800
committer	Jeron Susan <jeron.susan@hi-p.com>	Fri Feb 17 11:36:59 2017 +0800
tree	bb06d6f52fb48a9be1f0bc6280c6f471dc447a5a
parent	ed6832ea349041e0813ebda322405e9bf48e873e [diff]