am 1c73457a: am b124c9e8: Fix unchecked length in Blob creation * commit '1c73457afe3cb0afbc2a2884c41cfdd1148aca36': Fix unchecked length in Blob creation

commit: fd1ad3790fb089485cf7afc07f8b9f53d4c3136a [log] [tgz]
author: Chad Brubaker <cbrubaker@google.com> Mon Aug 03 17:45:13 2015 +0000
committer: Android Git Automerger <android-git-automerger@android.com> Mon Aug 03 17:45:13 2015 +0000
tree: 262db76768c9f3017ee562807c41299956a0b80a
parent: 90c4779146c9ac154fe85cd6a0775f8e1fc29be8 [diff]
parent: 1c73457afe3cb0afbc2a2884c41cfdd1148aca36 [diff]
diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index 63f7ee2..58d2fd6 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp

@@ -485,8 +485,16 @@
 
 class Blob {
 public:
-    Blob(const uint8_t* value, int32_t valueLength, const uint8_t* info, uint8_t infoLength,
+    Blob(const uint8_t* value, size_t valueLength, const uint8_t* info, uint8_t infoLength,
             BlobType type) {
+        if (valueLength > sizeof(mBlob.value)) {
+            valueLength = sizeof(mBlob.value);
+            ALOGW("Provided blob length too large");
+        }
+        if (infoLength + valueLength > sizeof(mBlob.value)) {
+            infoLength = sizeof(mBlob.value) - valueLength;
+            ALOGW("Provided info length too large");
+        }
         mBlob.length = valueLength;
         memcpy(mBlob.value, value, valueLength);
commit	fd1ad3790fb089485cf7afc07f8b9f53d4c3136a	[log] [tgz]
author	Chad Brubaker <cbrubaker@google.com>	Mon Aug 03 17:45:13 2015 +0000
committer	Android Git Automerger <android-git-automerger@android.com>	Mon Aug 03 17:45:13 2015 +0000
tree	262db76768c9f3017ee562807c41299956a0b80a
parent	90c4779146c9ac154fe85cd6a0775f8e1fc29be8 [diff]
parent	1c73457afe3cb0afbc2a2884c41cfdd1148aca36 [diff]