Fix potential decrypt src pointer overflow. am: c14f262876 am: 107233b3dd am: e289b4aa83 am: 92d4d99b98 am: c5f312b883

Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/interfaces/+/13472562

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Idb2e36a8815a0de2a769a330def6bb6c0d22383d
diff --git a/drm/1.0/default/CryptoPlugin.cpp b/drm/1.0/default/CryptoPlugin.cpp
index 2db3607..e6d4e84 100644
--- a/drm/1.0/default/CryptoPlugin.cpp
+++ b/drm/1.0/default/CryptoPlugin.cpp
@@ -124,7 +124,11 @@
             return Void();
         }
 
-        if (source.offset + offset + source.size > sourceBase->getSize()) {
+        size_t totalSize = 0;
+        if (__builtin_add_overflow(source.offset, offset, &totalSize) ||
+            __builtin_add_overflow(totalSize, source.size, &totalSize) ||
+            totalSize > sourceBase->getSize()) {
+            android_errorWriteLog(0x534e4554, "176496160");
             _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, 0, "invalid buffer size");
             return Void();
         }