commit 54b1e9ad01c8042a449a9237833a335d6be04e83
author Chad Brubaker <cbrubaker@google.com> Wed Aug 12 13:40:31 2015 -0700
committer Chad Brubaker <cbrubaker@google.com> Wed Aug 12 13:44:05 2015 -0700
tree 72af7fa2fc4214a2ad832a94afe903d8c55f4a42
parent 4174f017cc331c9c52d63dd999f81e3425d2cbb4

Properly check for Blob max length

sizeof(mBlob.value) is incorrect because writeBlob pads up to the next
AES_BLOCK_SIZE

Bug:22802399
Change-Id: I377edca2c7ea2cf4455f22f5f927fdad79893729

keystore/keystore.cpp

diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index 8a43f02..65a8ea9 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp
@@ -508,12 +508,12 @@
     Blob(const uint8_t* value, size_t valueLength, const uint8_t* info, uint8_t infoLength,
             BlobType type) {
         memset(&mBlob, 0, sizeof(mBlob));
-        if (valueLength > sizeof(mBlob.value)) {
-            valueLength = sizeof(mBlob.value);
+        if (valueLength > VALUE_SIZE) {
+            valueLength = VALUE_SIZE;
             ALOGW("Provided blob length too large");
         }
-        if (infoLength + valueLength > sizeof(mBlob.value)) {
-            infoLength = sizeof(mBlob.value) - valueLength;
+        if (infoLength + valueLength > VALUE_SIZE) {
+            infoLength = VALUE_SIZE - valueLength;
             ALOGW("Provided info length too large");
         }
         mBlob.length = valueLength;