Don't explicitly enable CFI in libhevc. Previously there was no other sanitization, so in order for the blacklist to be picked up CFI had to be enabled. With integer_overflow enabled, we no longer need it enabled explicitly in the build file. Since libhevc is a static library, both CFI and non-CFI variants will be built and linked accordingly. If libhevc is used as a shared library in the future, we'll need to explicitly re-enable CFI in the build file. Bug: 63926619 Test: Library builds. Change-Id: If852aa732d12f1176f57c3c9f7f4574d709c13ab

commit: 20a0df1a8013a389e571d3ef3b264df2cd3e7c7d [log] [tgz]
author: Ivan Lozano <ivanlozano@google.com> Tue Jul 17 09:49:44 2018 -0700
committer: Ivan Lozano <ivanlozano@google.com> Tue Jul 17 09:49:44 2018 -0700
tree: 744842a83f3b86176151c13dbe4b77edc8a92e95
parent: 11b93edeae70b5f00bc3d366b7cfa87f66f00487 [diff] [blame]
diff --git a/Android.bp b/Android.bp
index 9926255..b03eb6b 100644
--- a/Android.bp
+++ b/Android.bp

@@ -391,10 +391,10 @@
 
     sanitize: {
         integer_overflow: true,
-        cfi: true,
+        // Enable CFI if this becomes a shared library.
+        // cfi: true,
         diag: {
             integer_overflow: true,
-            cfi: true,
         },
         blacklist: "libhevc_blacklist.txt",
     },
commit	20a0df1a8013a389e571d3ef3b264df2cd3e7c7d	[log] [tgz]
author	Ivan Lozano <ivanlozano@google.com>	Tue Jul 17 09:49:44 2018 -0700
committer	Ivan Lozano <ivanlozano@google.com>	Tue Jul 17 09:49:44 2018 -0700
tree	744842a83f3b86176151c13dbe4b77edc8a92e95
parent	11b93edeae70b5f00bc3d366b7cfa87f66f00487 [diff] [blame]