From 676f7eef3f8988b541a0e2e74f8a2e2423aa87c9 Mon Sep 17 00:00:00 2001
From: Chris Craik <ccraik@google.com>
Date: Thu, 12 Jan 2017 12:56:20 -0800
Subject: resolve merge conflicts of 89cdd4cb to mnc-dev

CVE-2017-0478

Change-Id: Ie1421dc0fed3c3a20c5c146a253b27b8678a6207
(cherry picked from commit 7c824f17b3eea976ca58be7ea097cb807126f73b)
---
 framesequence/jni/FrameSequence_webp.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/framesequence/jni/FrameSequence_webp.cpp b/framesequence/jni/FrameSequence_webp.cpp
index 034847a..aa99b90 100644
--- a/framesequence/jni/FrameSequence_webp.cpp
+++ b/framesequence/jni/FrameSequence_webp.cpp
@@ -105,6 +105,10 @@ FrameSequence_webp::FrameSequence_webp(Stream* stream)
             return;
         }
         mData.size = CHUNK_HEADER_SIZE + readSize;
+        if(mData.size < RIFF_HEADER_SIZE) {
+            ALOGE("WebP file malformed");
+            return;
+        }
         mData.bytes = new uint8_t[mData.size];
         memcpy((void*)mData.bytes, riff_header, RIFF_HEADER_SIZE);
 
-- 
cgit v1.2.3