Fix security vulnerability: potential OOB write in audioserver am: 3f9a6d3bd9 am: 28d8817df3 am: 750a6a4ed8 am: 559dbde531 am: 4654f9ab8b am: 4154f08e79 am: 2ebeab8c6b Change-Id: I8ee48760ca62d1e9002a53694be8f39ff47a7b33

commit: c1964331708d2a4d161dba904b60fabcf98b6a11 [log] [tgz]
author: rago <rago@google.com> Wed Nov 30 19:44:52 2016 +0000
committer: android-build-merger <android-build-merger@google.com> Wed Nov 30 19:44:52 2016 +0000
tree: 86210829de1bac32907cff0d4d6c23a902a5d0bf
parent: d22d07f82b2f6a30fba60b32463ac3d16010ad60 [diff]
parent: 2ebeab8c6b26bc0882d6711fb1409a08fce74a13 [diff]
diff --git a/include/hardware/audio_effect.h b/include/hardware/audio_effect.h
index 41cd2e6..854f0c1 100644
--- a/include/hardware/audio_effect.h
+++ b/include/hardware/audio_effect.h

@@ -896,6 +896,9 @@
     char        data[];     // Start of Parameter + Value data
 } effect_param_t;
 
+// Maximum effect_param_t size
+#define EFFECT_PARAM_SIZE_MAX       65536
+
 // structure used by EFFECT_CMD_OFFLOAD command
 typedef struct effect_offload_param_s {
     bool isOffload;         // true if the playback thread the effect is attached to is offloaded
commit	c1964331708d2a4d161dba904b60fabcf98b6a11	[log] [tgz]
author	rago <rago@google.com>	Wed Nov 30 19:44:52 2016 +0000
committer	android-build-merger <android-build-merger@google.com>	Wed Nov 30 19:44:52 2016 +0000
tree	86210829de1bac32907cff0d4d6c23a902a5d0bf
parent	d22d07f82b2f6a30fba60b32463ac3d16010ad60 [diff]
parent	2ebeab8c6b26bc0882d6711fb1409a08fce74a13 [diff]