summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWolfgang Wiedmeyer <wolfgit@wiedmeyer.de>2015-10-19 23:27:50 +0200
committerWolfgang Wiedmeyer <wolfgit@wiedmeyer.de>2015-10-19 23:27:50 +0200
commit0f3298bd7f9adb5edbadd17c048d5fb927e1df0f (patch)
treef64fd26490d17dedba48e85694a1a7a0f5c2b699
parent0d46d72ec922f94d8d5b9f476a91e5be46956824 (diff)
downloadframeworks_native-0f3298bd7f9adb5edbadd17c048d5fb927e1df0f.zip
frameworks_native-0f3298bd7f9adb5edbadd17c048d5fb927e1df0f.tar.gz
frameworks_native-0f3298bd7f9adb5edbadd17c048d5fb927e1df0f.tar.bz2
backport of fix for CVE-2015-6602HEADmaster
corresponding upstream commits: 5b85b1d40d619c2064d321364f212ebfeb6ba185 e0dce90b0de2b2b7c2baae8035f810a55526effb Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
-rw-r--r--libs/utils/String8.cpp6
1 files changed, 6 insertions, 0 deletions
diff --git a/libs/utils/String8.cpp b/libs/utils/String8.cpp
index 562f026..26cf2ab 100644
--- a/libs/utils/String8.cpp
+++ b/libs/utils/String8.cpp
@@ -14,6 +14,9 @@
* limitations under the License.
*/
+#define __STDC_LIMIT_MACROS
+#include <stdint.h>
+
#include <utils/String8.h>
#include <utils/Log.h>
@@ -79,6 +82,9 @@ void terminate_string8()
static char* allocFromUTF8(const char* in, size_t len)
{
if (len > 0) {
+ if (len == SIZE_MAX) {
+ return NULL;
+ }
SharedBuffer* buf = SharedBuffer::alloc(len+1);
ALOG_ASSERT(buf, "Unable to allocate shared buffer");
if (buf) {