am c4804e9b: am d4592694: am 3ca99f6c: Merge "fix vulnerability in bspatch"

* commit 'c4804e9b9c143652d17441b4b672b920b11cc94a':
  fix vulnerability in bspatch
This commit is contained in:
Doug Zongker
2014-05-16 15:09:35 +00:00
committed by Android Git Automerger
+5
View File
@@ -205,6 +205,11 @@ int ApplyBSDiffPatchMem(const unsigned char* old_data, ssize_t old_size,
ctrl[1] = offtin(buf+8);
ctrl[2] = offtin(buf+16);
if (ctrl[0] < 0 || ctrl[1] < 0) {
printf("corrupt patch (negative byte counts)\n");
return 1;
}
// Sanity check
if (newpos + ctrl[0] > *new_size) {
printf("corrupt patch (new file overrun)\n");