Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / system / media / e981d0776ba921e58bba92de7cdeef0f4be1d6e7
commite981d0776ba921e58bba92de7cdeef0f4be1d6e7[log] [tgz]
authorTeow Wan Yee <wy.teow@hi-p.com>Thu Sep 22 13:53:28 2016 +0800
committerTeow Wan Yee <wy.teow@hi-p.com>Thu Sep 22 13:53:28 2016 +0800
tree59c7004a5739c18c12e4754a31ec1726ecab06df
parent8bfff2ce279adf59e0cf47601fdcc44f70c1f165 [diff]
FPII-2382 Elevation of privilege vulnerability in Camera service CVE-2016-3916 A-30741779

The Camera service incorrectly checks the variable count of the camera_metadata_buffer_entry struct.
The fix is designed to to check for overflow when calculating metadata data size.

Change-Id: Ib818efe7be396ec47df328293cd335c691eab293
1 file changed
tree: 59c7004a5739c18c12e4754a31ec1726ecab06df
  1. audio_effects/
  2. audio_route/
  3. audio_utils/
  4. camera/
  5. private/
  6. CleanSpec.mk