native handle - fix ubsan abort

missing bounds check

Fixes: 197919958
Test: hidl_test (while manually triggering ubsan)
Change-Id: I0234f56f0649b7bafec6f4e33509a93a3c739221

1 files changed, 2 insertions, 2 deletions

diff --git a/Parcel.cpp b/Parcel.cpp
index adafaab..6c7effa 100644
--- a/Parcel.cpp
+++ b/Parcel.cpp
@@ -1464,8 +1464,8 @@ status_t Parcel::readNullableNativeHandleNoDup(const native_handle_t **handle,
         return status;
     }
 
-    if (nativeHandleSize < sizeof(native_handle_t)) {
-        ALOGE("Received a native_handle_t size that was too small.");
+    if (nativeHandleSize < sizeof(native_handle_t) || nativeHandleSize > std::numeric_limits<uint32_t>::max()) {
+        ALOGE("Invalid native_handle_t size: %" PRIu64, nativeHandleSize);
         return BAD_VALUE;
     }