diff options
| author | Manoj Gupta <manojgupta@google.com> | 2016-12-05 20:18:32 +0000 |
|---|---|---|
| committer | android-build-merger <android-build-merger@google.com> | 2016-12-05 20:18:32 +0000 |
| commit | 7d4c77d6a1d646e2ec635bef614ab4f5f3a4909f (patch) | |
| tree | 50f1a7e9067643284ab3f6eb92282a32eb9c1d47 | |
| parent | 3a5794af8c4806b091272e164926cdda83f753e4 (diff) | |
| parent | b75c9f3714cfae3dad3d976958e063150781437e (diff) | |
| download | apf-oreo-security-release.tar.gz | |
Fix possible out of bound for program array am: f7cea66b5e am: dc89abf313 am: 1f1b66837candroid-vts-8.0_r9android-vts-8.0_r8android-vts-8.0_r7android-vts-8.0_r6android-vts-8.0_r2android-vts-8.0_r13android-vts-8.0_r12android-vts-8.0_r11android-vts-8.0_r10android-vts-8.0_r1android-security-8.0.0_r54android-security-8.0.0_r53android-security-8.0.0_r52android-cts-8.0_r9android-cts-8.0_r8android-cts-8.0_r7android-cts-8.0_r6android-cts-8.0_r5android-cts-8.0_r4android-cts-8.0_r3android-cts-8.0_r26android-cts-8.0_r25android-cts-8.0_r24android-cts-8.0_r23android-cts-8.0_r22android-cts-8.0_r21android-cts-8.0_r20android-cts-8.0_r2android-cts-8.0_r19android-cts-8.0_r18android-cts-8.0_r17android-cts-8.0_r16android-cts-8.0_r15android-cts-8.0_r14android-cts-8.0_r13android-cts-8.0_r12android-cts-8.0_r11android-cts-8.0_r10android-cts-8.0_r1android-8.0.0_r9android-8.0.0_r7android-8.0.0_r51android-8.0.0_r50android-8.0.0_r49android-8.0.0_r48android-8.0.0_r47android-8.0.0_r46android-8.0.0_r45android-8.0.0_r44android-8.0.0_r43android-8.0.0_r42android-8.0.0_r41android-8.0.0_r40android-8.0.0_r4android-8.0.0_r39android-8.0.0_r38android-8.0.0_r37android-8.0.0_r36android-8.0.0_r35android-8.0.0_r34android-8.0.0_r33android-8.0.0_r32android-8.0.0_r31android-8.0.0_r30android-8.0.0_r3android-8.0.0_r29android-8.0.0_r28android-8.0.0_r27android-8.0.0_r26android-8.0.0_r25android-8.0.0_r24android-8.0.0_r23android-8.0.0_r22android-8.0.0_r21android-8.0.0_r2android-8.0.0_r17android-8.0.0_r16android-8.0.0_r15android-8.0.0_r13android-8.0.0_r12android-8.0.0_r11android-8.0.0_r10android-8.0.0_r1security-oc-releaseoreo-vts-releaseoreo-security-releaseoreo-releaseoreo-r6-releaseoreo-r5-releaseoreo-r4-releaseoreo-r3-releaseoreo-r2-releaseoreo-dr3-releaseoreo-dr2-releaseoreo-dr1-releaseoreo-dr1-devoreo-devoreo-cts-release
am: b75c9f3714
Change-Id: I64dbd692498a2e5e79ab5ebec46811a2b5fc8a0e
| -rw-r--r-- | apf_disassembler.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/apf_disassembler.c b/apf_disassembler.c index 8fa200a..03e6a06 100644 --- a/apf_disassembler.c +++ b/apf_disassembler.c @@ -92,7 +92,7 @@ int main(void) { if (len_field != 0) { const uint32_t imm_len = 1 << (len_field - 1); uint32_t i; - for (i = 0; i < imm_len; i++) + for (i = 0; i < imm_len && pc < program_len; i++) imm = (imm << 8) | program[pc++]; // Sign extend imm into signed_imm. signed_imm = imm << ((4 - imm_len) * 8); @@ -132,7 +132,7 @@ int main(void) { } else { uint32_t cmp_imm_len = 1 << (len_field - 1); uint32_t i; - for (i = 0; i < cmp_imm_len; i++) + for (i = 0; i < cmp_imm_len && pc < program_len; i++) cmp_imm = (cmp_imm << 8) | program[pc++]; printf("0x%x, ", cmp_imm); } |