Fix aapt badging segmentation fault Unsigned subtraction lead to arithmetic overflow which caused aapt to reference the vector out of its bounds. Bug: 175789289 Test: dump badging on a manifest with no uses-sdk tag Change-Id: Id1b96376a8bfe13c0c195bb6f62b681c3d686034

commit: 957168e2b2e90aae4c1846989e87d49fc4e7df3e [log] [tgz]
author: Ryan Mitchell <rtmitchell@google.com> Mon May 10 11:46:49 2021 -0700
committer: Ryan Mitchell <rtmitchell@google.com> Mon May 10 11:46:49 2021 -0700
tree: c43252531d904de0ba050b67c6c28a45b46cbaaf
parent: 969f4ec61b7f6d069726ffcc795d438af7d47f7d [diff] [blame]
diff --git a/tools/aapt/Command.cpp b/tools/aapt/Command.cpp
index f2c3b86..812e208 100644
--- a/tools/aapt/Command.cpp
+++ b/tools/aapt/Command.cpp

@@ -1121,8 +1121,8 @@
 
                 // Skip all "uses-sdk" tags besides the very last tag. The android runtime only uses
                 // the attribute values from the last defined tag.
-                for (size_t i = 0; i < usesSdkTagPositions.size() - 1; i++) {
-                    tagsToSkip.emplace_back(usesSdkTagPositions[i]);
+                for (size_t i = 1; i < usesSdkTagPositions.size(); i++) {
+                    tagsToSkip.emplace_back(usesSdkTagPositions[i - 1]);
                 }
 
                 // Reset the position before parsing.
commit	957168e2b2e90aae4c1846989e87d49fc4e7df3e	[log] [tgz]
author	Ryan Mitchell <rtmitchell@google.com>	Mon May 10 11:46:49 2021 -0700
committer	Ryan Mitchell <rtmitchell@google.com>	Mon May 10 11:46:49 2021 -0700
tree	c43252531d904de0ba050b67c6c28a45b46cbaaf
parent	969f4ec61b7f6d069726ffcc795d438af7d47f7d [diff] [blame]