Fix copyFrom overflow when arg is UINT32_MAX.

hidl_string's copyFrom method is actually allocating size + 1 in order to allocate space for the extra '\0'. This fixes the OBO in the check to avoid overflow. Fixes: 68197287 Test: libhidl_Test Change-Id: Ic455b9931d7068fb9d19775baba2f424a08182e3
author: Steven Moreland <smoreland@google.com> 2017-10-24 18:12:34 -0700
committer: Steven Moreland <smoreland@google.com> 2017-10-24 18:14:31 -0700
commit: 98893802c24dc810b7952bec85a3c7017b26352b (patch)
tree: 4fdf7700e7cecbbb743d9e38645c10f9693abdff
parent: 3f8c4164067e0239c7f1cdd020d397ce42a9e641 (diff)
download: libhidl-98893802c24dc810b7952bec85a3c7017b26352b.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/base/HidlSupport.cpp b/base/HidlSupport.cpp
index f857281..aec3fed 100644
--- a/base/HidlSupport.cpp
+++ b/base/HidlSupport.cpp
@@ -217,7 +217,7 @@ std::ostream& operator<<(std::ostream& os, const hidl_string& str) {
 void hidl_string::copyFrom(const char *data, size_t size) {
     // assume my resources are freed.
 
-    if (size > UINT32_MAX) {
+    if (size >= UINT32_MAX) {
         LOG(FATAL) << "string size can't exceed 2^32 bytes: " << size;
     }
     char *buf = (char *)malloc(size + 1);
author	Steven Moreland <smoreland@google.com>	2017-10-24 18:12:34 -0700
committer	Steven Moreland <smoreland@google.com>	2017-10-24 18:14:31 -0700
commit	98893802c24dc810b7952bec85a3c7017b26352b (patch)
tree	4fdf7700e7cecbbb743d9e38645c10f9693abdff
parent	3f8c4164067e0239c7f1cdd020d397ce42a9e641 (diff)
download	libhidl-98893802c24dc810b7952bec85a3c7017b26352b.tar.gz