Add integer sanitization to libexif.

This turns integer sanitization on in libexif. A blacklist file is added
to prevent sanitization of a function which was seen to overflow during
testing but this seems to be intentional.

Bug: 67013630
Bug: 62343822
Test: Took pictures and videos.
Test: Mounted as PTP and MTP, browsed and downloaded files.
Change-Id: I7c2d2acead75797fba06488ef2e87a5c0fc2b66e

2 files changed, 19 insertions, 0 deletions

diff --git a/Android.bp b/Android.bp
index f648a4b..62ba943 100644
--- a/Android.bp
+++ b/Android.bp
@@ -64,6 +64,10 @@ cc_library_shared {
         "-Werror",
     ],
 
+    sanitize: {
+        integer_overflow: true,
+        blacklist: "libexif_blacklist.txt",
+    },
 }
 
 // WARNING: this makefile builds a shared library. Do not ever make it build
diff --git a/libexif_blacklist.txt b/libexif_blacklist.txt
new file mode 100644
index 0000000..9500d9a
--- /dev/null
+++ b/libexif_blacklist.txt
@@ -0,0 +1,15 @@
+# Copyright (C) 2017 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+fun:match_tag