commit | 7dcbfcea83010c0fb795e360e94be5cf72a63fc1 | [log] [tgz] |
---|---|---|
author | Emilian Peev <epeev@google.com> | Mon Nov 06 10:41:19 2017 +0000 |
committer | Dirk Vogt <dirk@fairphone.com> | Mon Dec 11 12:54:40 2017 +0100 |
tree | 097f9cb5809d5af78edc8845317063c0c5f71868 | |
parent | 0e6439329fe17de963ba82647b884e35d163ee89 [diff] |
Camera metadata: Check source metadata size Source size passed by client could be smaller than 'camera_metadata_t'. In this case the cast in 'allocate_copy_camera_metadata_checked()' will be incorrect and we will try to access invalid heap memory. Bug: 67782345 Test: Camera CTS FPIIM-2319 Change-Id: I9582c704f414493978d09ffb603b5e8368cda5ce (cherry picked from commit 489bbd13bf0add8029444b9d9505b3d118776ea3)