aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-05-17Update the experimental notice so not android p specificandroid-mainline-10.0.0_r9android-mainline-10.0.0_r7android-mainline-10.0.0_r5android-mainline-10.0.0_r4android-mainline-10.0.0_r10android-10.0.0_r9android-10.0.0_r8android-10.0.0_r7android-10.0.0_r45android-10.0.0_r44android-10.0.0_r43android-10.0.0_r42android-10.0.0_r41android-10.0.0_r40android-10.0.0_r39android-10.0.0_r38android-10.0.0_r37android-10.0.0_r36android-10.0.0_r35android-10.0.0_r34android-10.0.0_r33android-10.0.0_r32android-10.0.0_r31android-10.0.0_r30android-10.0.0_r14android-10.0.0_r13android-10.0.0_r12android10-qpr3-s1-releaseandroid10-qpr3-releaseandroid10-qpr2-s4-releaseandroid10-qpr2-s3-releaseandroid10-qpr2-s2-releaseandroid10-qpr2-s1-releaseandroid10-qpr2-releaseandroid10-qpr1-mainline-releaseandroid10-mainline-media-releaseandroid10-d4-s1-releaseandroid10-d4-releaseandroid10-c2f2-s2-releaseandroid10-c2f2-s1-releaseandroid10-c2f2-releaseRay Essick
am: 09cc4fab70 Change-Id: I40092730a48a55dd28840f4b55425d953738e275
2019-05-17Update the experimental notice so not android p specificandroid10-devRay Essick
This experimental notice had been Android-P specific; change the wording to apply to more versions of Android as it is still experimental. Bug: 131342273 Test: reading Change-Id: I3533dc8e0281b335e80a507ef334f1cad4566a39
2019-04-10Fix for Segmentation fault in ixheaacd_reset_acelp_data_fix func.Sushanth Patil
In ixheaacd_dec_main(),ixheaacd_config() returned from ixheaacd_read_bit_buf() due to setjmp/longjmp changes which resulted in ixheeacd_decode_create() not being called which is needed to initialize many pointers which in turn resulted in Segementation fault. As a fix, added a flag decode_create_done which will tell the status of ixheeacd_decode_create() func and ixheaacd_usac_process will be called based on this flag. Bug: 123908264 Bug: 123908335 Bug: 123975056 Test: poc Change-Id: I929f70650ddc963c11e5d674b12abc0100e1b076
2019-04-05Merge "Fix for integer overflows in tns filter related functions" into qt-devTreeHugger Robot
2019-04-05Merge "Fix for integer overflow in ixheaacd_fft_15_ld dec function" into qt-devTreeHugger Robot
2019-04-05Merge "Fix for array out of bound access in aac decoding" into qt-devTreeHugger Robot
2019-04-05Merge "Fixes for integer overflows in ixheaacd_qmf_dec_generic.c file" into ↵TreeHugger Robot
qt-dev
2019-04-04Fix for integer overflows in tns filter related functionsRajat Kumar
Added saturation checks, wherever overflow can occur throughout ixheaacd_aac_tns.c file. Bug:126975097 Bug:126983239 Test: poc Change-Id: Ic60116510c1a2d327adb34c4b627e01044a3385e
2019-04-04Fix for integer overflow in ixheaacd_fft_15_ld dec functionRajat Kumar
Added saturation checks throughout the function. Bug:126984878 Test: poc Change-Id: I687cb0f523867b5c6a013b6720a441e33be8b5b2
2019-04-04Fix for array out of bound access in aac decodingRajat Kumar
pstr_drc_dec->is_longblock once initialized was never used, so this section of code is redundant. Hence removed. Bug:124022176 Test: vendor+poc Change-Id: I30f785764a7031b546f01803720dbfccba75d023
2019-04-04Fixes for integer overflows in ixheaacd_qmf_dec_generic.c fileRajat Kumar
Added addition and subtraction saturation checks. Bug:124023982 Test: poc Change-Id: I7b21c806c8978242bf74c2a65d3cd1fe9acb1d6a
2019-04-04Fix for out of bound access in lpd decode functionRajat Kumar
Code written under the condition if (mod[0] == 0 && len_subfrm != LEN_FRAME) are redundant. We were filling garbage at st->fd_synth[ORDER - len_subfrm + i] and doing some calculations but never using it. So removed the redundant part here. Bug:122728400 Test: vendor + poc Change-Id: If55eeec1e21b2874c1cfd8eee8c71dc7da962a72
2019-04-03Merge master@5406228 into git_qt-dev-plus-aosp.Bill Rassieur
am: 7cfdb62fe6 Change-Id: I2e69047c9c78f22a6d9b3e3f24cad4015a99380f
2019-04-03Merge "Fix for out of bound write in xaacdec test bench"Ray Essick
2019-04-03Merge "Fix for testbench crash due to invalid file handle"TreeHugger Robot
2019-04-02Merge changes from topic "b124323156"Ray Essick
* changes: Initialize all allocated memory blocks to zero Update cfi blacklist to include few more assembly functions LDR changed to MOV instruction in armv8 and armv7 assemblies
2019-03-30Fix for testbench crash due to invalid file handleRajat Kumar
Added checks to handle cases when input, output or meta files are not passed in arguments of xaacdec. Removed process command mode support and related code from testbench. Removed interface file read support and moved the condition for drc to be on, if effect type or target loudness is present in the command line arguments. Bug:124627497 Test: poc Change-Id: I97e216f5bc6ba6c52dcdc6438ee4152f0cb1682c
2019-03-29Merge master@5406228 into git_qt-dev-plus-aosp.Bill Rassieur
Change-Id: If61b3c300c06b376410bc091576599f326b8b448 BUG: 129345239
2019-03-29Merge "Fix for array out of bound in ixheaacd_dec_execute"TreeHugger Robot
2019-03-29Merge "Fix for array and integer overflow in drc related functions"TreeHugger Robot
2019-03-27Initialize all allocated memory blocks to zeroRajat Kumar
Bug: 124323156 Test: poc Change-Id: I69b035d1b6bab81244dde319d4fceb3f42837380
2019-03-27Update cfi blacklist to include few more assembly functionsHarish Mahendrakar
CFI doesn't handle indirect calls to assembly functions. Few functions that called assembly functions weren't in the blacklist which caused CFI errors in few CTS tests Bug: 124323156 Test: atest android.media.cts.DecoderTest#testDecodeHeAacM4a Test: poc Change-Id: Id48404cfcf21353405b3d7676cc98d0d99763903
2019-03-27LDR changed to MOV instruction in armv8 and armv7 assembliesRajat Kumar
Removes memory accesses to constant values and replaces them with mov instructions. This would allow this library to be compatible with execute-only memory layouts. Bug: 124323156 Test: poc Change-Id: I801d4cfff953b9d13b80a97be04a3223117df29f
2019-03-27Fix for memory leak in meta read file.Rajat Kumar
meta_info->ia_mp4_stsz_size once allocated, was never freed, hence giving memory leaks. As a fix, added free when decoder de-initializes and when this memory is reallocated. Bug:124831933 Test: vendor Change-Id: Ie9465496fca15501bc7dffc29a4f6eccf3880e6d
2019-03-27Fix for array and integer overflow in drc related functionsRajat Kumar
Added init done check before execute calls to avoid access of uninitialized data. Bug:126652455 Test: poc Change-Id: Ia33d05658d3830f27dfe607c4f4e96233c272e20
2019-03-22Merge "Fix for addition overflow in voronoi_idx_dec"TreeHugger Robot
2019-03-21Fix for addition overflow in voronoi_idx_decRamesh Katuri
Added saturation check in ixheaacd_avq_dec.c file. Bug:126154841 Test: poc Change-Id: I8fe1e1b194bdde2854bb3b41c2b8b9bf00afc125
2019-03-21Fix for array out of bound in ixheaacd_dec_executeSushanth Patil
Decode init fatal error was not handled at upper level in ixheaacd_common_lpfuncs.c. Hence, corresponding check has been added. Bug:126154782 Test: poc Change-Id: I5332f5fd0260110f426cfe176e6d64f5989cfb08
2019-03-21Merge "Fix for xaacdec running in infinite loop in hbe_repl_spec func."TreeHugger Robot
2019-03-19Fix for xaacdec running in infinite loop in hbe_repl_spec func.Rajat Kumar
When ixheaacd_num_bands = 0, "while (patch_bands > 0)" goes into infinite looping since patch_bands remains unchanged in the loop. So as a fix added the corresponding check to break the loop when ixheaacd_num_bands becomes 0. Bug: 123974524 Test: poc Change-Id: Ie6364ad0b3cfd92df1a2664ec5850408aecce21b
2019-03-19Merge "Fixes for integer overflows in ixheaacd_fft.c file."TreeHugger Robot
2019-03-16Fix for Heap buffer overflow in read bit buffer for latm streamRamesh Katuri
for latm stream other_data_length is read from the bit stream. For this stream this value is becoming very high, which is beyond bit buffer boundaries. As a fix if the value is more than bit buffer size we are returning fatal error. Bug:124210105 Test: poc Change-Id: Id93e5dbdbbd4aab428401da0ea72422d192bcdec
2019-03-09Fixes for integer overflows in ixheaacd_fft.c file.Rajat Kumar
Added addition and subtraction saturation checks throughout ixheaacd_fft.c file. Bug:124022940 Bug:124023732 Bug:124024270 Test: poc Change-Id: Ie9fc7b1b301df968c7ba0b41b4b5532d2a957abd
2019-03-09Merge "Fix for array out of bound access in multichannel.c file"TreeHugger Robot
2019-03-08Merge "Fix integer overflows in ixheaacd_harm_idx_zerotwo and ↵TreeHugger Robot
ixheaacd_harm_idx_onethree"
2019-03-08Merge "Fix for OOB write in ixheaacd_real_synth_filt."TreeHugger Robot
2019-03-08Merge "Fix for heap-buffer-overflow in ixheaacd_aac_showbits_32"TreeHugger Robot
2019-03-01Fix for array out of bound access in multichannel.c fileRajat Kumar
Array common_gain_element_present was accessed with an index of 10, so a check has been added as fix and error return code handling has been modified. Bug:124022181 Test: poc Change-Id: Ic9be00f6a9cec2df433e7a5f86616da5e98c9e05
2019-02-25[automerger skipped] DO NOT MERGE - Merge pi-dev@5234907 into ↵Xin Li
stage-aosp-master am: 03e306175d -s ours am: b88540fc25 -s ours am skip reason: subject contains skip directive Change-Id: I164c9bad6317d4170e8062198ace246159519b83
2019-02-26Merge "Fix for multiplication overflow in voronoi_idx_dec function"TreeHugger Robot
2019-02-25[automerger skipped] DO NOT MERGE - Merge pi-dev@5234907 into stage-aosp-masterXin Li
am: 03e306175d -s ours am skip reason: subject contains skip directive Change-Id: Ib59ea09450fe025a272c199a9eb54e71c6fa55e9
2019-02-25Merge "Fixes for integer overflow at many places in ixheaacd_qmf_dec.c file"TreeHugger Robot
2019-02-25Merge "Fix for out of bound array access in decode hcr_non_pcw function"TreeHugger Robot
2019-02-24Fixes for integer overflow at many places in ixheaacd_qmf_dec.c fileRajat Kumar
the operations in the affected routines now use saturation. Bug: 124022347 Test: vendor+poc Change-Id: I3a9fcc39e01b576c3661ada4b8a14f90be456b1c
2019-02-24Merge changes from topic "xaac_b112709994"Ray Essick
* changes: Fix for global buffer overflow in scale factor process function Fix for NPD in ixheaacd_applysbr
2019-02-22Fix for multiplication overflow in voronoi_idx_dec functionRajat Kumar
Multiplication by two is replaced by left shift by one and saturate to avoid integer overflow. Bug:124023736 Test: vendor+poc Change-Id: I2b1ffead5f1c72106550d0b81d0cbd6c71acfde6
2019-02-22Fix for out of bound array access in decode hcr_non_pcw functionRajat Kumar
Bug:123974741 Test: vendor+poc Change-Id: Icbad136f3bc021fd0f96540cc24215818cf59d79
2019-02-22Fix for out of bound write in xaacdec test benchRajat Kumar
Check has been added to avoid reading more than input buffer's size. Bug:123907312 Test: vendor+poc Change-Id: I53438028e920271d6966ba95dc4ed110c8ba8a10
2019-02-22Fix for OOB write in ixheaacd_real_synth_filt.Tripti Tiwari
In erroneous case, qmf_band_idx becomes negative, causing synth table pointer corruption. As fix, added bound check on qmf_band_idx. Bug:118494320 Test: vendor Change-Id: Ia16a0a879a5621676b7756d80d12f2c761bb020b
2019-02-22Fix for heap-buffer-overflow in ixheaacd_aac_showbits_32Ramesh Katuri
Better feedback from a bit reading routine, allowing separate offset adjustments into buffer. Bug:117610057 Test: vendor+poc Change-Id: I3031cc50a727987512e2b8979fe14cbe23778245
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-27 07:09:20 +0000