diff options
author | Vignesh Venkatasubramanian <vigneshv@google.com> | 2016-07-07 13:24:03 -0700 |
---|---|---|
committer | Jessica Wagantall <jwagantall@cyngn.com> | 2016-09-08 14:15:42 -0700 |
commit | eff4bf79c7e4144f1ca4dc702d10b8b231aa4d95 (patch) | |
tree | 5ca6c3e6cce4fd1fce2c153b09bc2fb7b9741cd2 /update_libvpx.sh | |
parent | 831d75e1120e538b6b56dbb71feb277bc811d85d (diff) | |
download | android_external_libvpx-stable/cm-13.0-ZNH2KB.tar.gz android_external_libvpx-stable/cm-13.0-ZNH2KB.tar.bz2 android_external_libvpx-stable/cm-13.0-ZNH2KB.zip |
DO NOT MERGE | libvpx: cherry-pick aa1c813 from upstreamstable/cm-13.0-ZNH2KB
Description from upstream:
vp9: Fix potential SEGV in decoder_peek_si_internal
CYNGNOS-3235
decoder_peek_si_internal could potentially read more bytes than
what actually exists in the input buffer. We check for the buffer
size to be at least 8, but we try to read up to 10 bytes in the
worst case. A well crafted file could thus cause a segfault.
Likely change that introduced this bug was:
https://chromium-review.googlesource.com/#/c/70439 (git hash:
7c43fb6)
Bug: 30013856
Change-Id: If556414cb5b82472d5673e045bc185cc57bb9af3
(cherry picked from commit bd57d587c2eb743c61b049add18f9fd72bf78c33)
(cherry picked from commit f0d51151fe577596618e36793b357942134e442b)
(cherry picked from commit 6e46a751893e89541fe68b50b35263b18a5b74b5)
Diffstat (limited to 'update_libvpx.sh')
0 files changed, 0 insertions, 0 deletions