- 01 Sep, 2015 34 commits
-
-
Wei Jia authored
Bug: 23416608 Change-Id: I4dacd38ed42db8f4887c3ee386dc909451f4346f
-
Joshua J. Drake authored
Integer overflows could occur a few places within findFrame. These can lead to out-of-bounds reads and potentially infinite loops. Ensure that arithmetic does not wrap around to prevent these behaviors. Bug: 23285192 Change-Id: I72a61df7d5719d1d3f2bd0b37fba86f0f4bbedee
-
Jeff Tinker authored
Clarify that decrypt destination is not a pointer for secure case. b/23223325 Change-Id: I642dcf790a9eb9e32175f3e0d8f040c82228e3ac (cherry picked from commit ed555d70)
-
Marco Nelissen authored
Bug: 23346388 Change-Id: Ifd918cefc90527c2f52177c3ce0da7a13259ad08
-
Wei Jia authored
- The ABuffer used for the Message has a preset value of 1024, if flattening the meta data exceeds this value, a check fails hence the crash. - This change creates a new ABuffer if the buffer size would exceed the buffer capacity. Bug: 22771132 CRs-Fixed: 857850 (cherry picked from commit 9c170c07) Change-Id: I056ade2f95bc8d82dfe092de7ecddba588cc5b72
-
Eric Laurent authored
Clear output stream pointer in duplicating thread when the main output to which it is attached is closed. Also do not forward master mute and volume commands to duplicating threads as this is not applicable. Also fix logic in AudioFlinger::primaryPlaybackThread_l() that could accidentally return a duplicating thread. This never happens because the primary thread is always first in the list. Bug: 20731946. Change-Id: Ic8869699836920351b23d09544c50a258d3fb585 (cherry picked from commit f6870aef)
-
Marco Nelissen authored
Bug: 23306638 Change-Id: I2b5160e0f58f90d3f67c3964f41f5734ec0da053
-
Wei Jia authored
Bug: 20674674 Change-Id: I511c22d59789e1cc3a21fe13ea08ac3752e737c6
-
Robert Shih authored
Bug: 21335999 Change-Id: I76bd34610e52048ffcf16e41aa6175afc8a14ee4 (cherry picked from commit 2dcf6138)
-
Neel Mehta authored
Bug: 23227354 Change-Id: Iaa36cfda4fd84ca7e039f56086fd61b4118020db (cherry picked from commit 77e23413)
-
Wei Jia authored
Bug: 20674674 Change-Id: Iace5b8c882339b3a9d2e706375255aeeeb0532fe
-
Abhishek Arya authored
Bug: 20674086 Change-Id: I2ee6b7e0eabbf696c0986d08b2d759d48cb9eb7b
-
Robert Shih authored
Bug: 22008959 Change-Id: I5f6e188adcc593796455bdaf7b0b8aba672b106e
-
Abhishek Arya authored
BUG: 20674086 Change-Id: Idaff17975b327adea65c39bdba1ab4e88789c0cd
-
Chong Zhang authored
bug: 22845824 Change-Id: I8c375790c697e02b6ab3ea54b84d3f70d5e78141 (cherry picked from commit 346de3c2)
-
Jeff Tinker authored
bug: 23016072 Change-Id: If3c9a835408773847c0024a812bd8b4915ebd680 (cherry picked from commit fa8ebb45)
-
Vignesh Venkatasubramanian authored
The output buffer size as per opus project's sample decoder [1] is 960*6*channel_count. Whereas in SoftOpus, we use 960*6 (without the channel count multiplier. Fixing it to include maximum number of channels possible as the multiplier. [1] http://git.xiph.org/?p=opus-tools.git;a=blob;f=src/opusdec.c;h=d085f04eacdfd49759ffdb73db805562ba396720;hb=f2a2e88b47f6f24083a37be476f140f677fe7160#l571 BUG=20721050 Change-Id: I323891a1b11491782bc093477b09e7757b885674 (cherry picked from commit 08e82275)
-
Marco Nelissen authored
Bug: 21814993 Change-Id: Idaac61b4b9f4058b94e84093644593ba315d72ff (cherry picked from commit c1a104aa)
-
Dan Albert authored
Bug:23213430 Change-Id: I6f2e2b03b968a569b122004b4803c5d17fccfb12 (cherry picked from commit 635bc8f9)
-
Marco Nelissen authored
Bug: 22388975 Change-Id: I3c157b1029d37f6a22e6302ea7b52077fe27ce53 (cherry picked from commit 529c595b)
-
Marco Nelissen authored
Bug: 23036083 Bug: https://code.google.com/p/android/issues/detail?id=182053 Change-Id: I1a5cbe06990900160c2addade238c1e9feab8f71 (cherry picked from commit c63cc509)
-
Nick Kralevich authored
If size == SIZE_MAX, the line: uint8_t *buffer = new (std::nothrow) uint8_t[size + 1]; ends up allocating zero bytes, which is obviously incorrect. (cherry picked from commit b2d33aee) Bug: 23031033 Change-Id: I8027247a4e24d2c8a8b4eac88c3643eccda108b9
-
Marco Nelissen authored
Instead of rejecting the samples later when they don't fit in the buffer, reject the entire file early. Bug: 22882938 Change-Id: I748153b0e9e827e3f2526468756295b4b5000de6 (cherry picked from commit beef7e58)
-
Marco Nelissen authored
Bug: 22954006 Change-Id: I488cb1e2c69fc7043b6040481b30fa866000515d
-
Eric Laurent authored
Limit number of ports and patches listed by LIST_AUDIO_PATCHES and LIST_AUDIO_PORTS. Also fix typo causing wring pointer to be used when writing to Parcel. Bug: 19573085. Change-Id: I41a9c710e45738a4f11990160587856c429a4646
- 15 Aug, 2015 1 commit
-
-
Baligh Uddin authored
This reverts commit d3831760. Change-Id: I0509f7eadb3a27c4cadbd3088cb57a588463f457
-
- 14 Aug, 2015 3 commits
-
-
Jeff Tinker authored
Bug: 22414321 Change-Id: I062c662a440a1becccd248c3b8ddf711c51e53cc related-to-bug: 18394494 related-to-bug: 19664283 (cherry picked from commit 2fb561a6)
-
Nick Kralevich authored
chunk_size is a uint64_t, so it can legitimately be bigger than SIZE_MAX, which would cause the subtraction to underflow. https://code.google.com/p/android/issues/detail?id=182251 Bug: 23034759 Change-Id: Ic1637fb26bf6edb0feb1bcf2876fd370db1ed547
-
Marco Nelissen authored
Bug: 21296336 Change-Id: I78be5141b3108142f12d7cb94839fa50f776d84a
-
- 05 Aug, 2015 1 commit
-
-
Baligh Uddin authored
This reverts commit d3831760. Change-Id: I0509f7eadb3a27c4cadbd3088cb57a588463f457
-
- 23 Jul, 2015 1 commit
-
-
Jeff Tinker authored
Bug: 22414321 Change-Id: I062c662a440a1becccd248c3b8ddf711c51e53cc related-to-bug: 18394494 related-to-bug: 19664283 (cherry picked from commit 2fb561a6)
-