From 878bdeb38043407869c684fb73708b04e8fe0ce4 Mon Sep 17 00:00:00 2001
From: Neelkamal Semwal <neelkamal.semwal@ittiam.com>
Date: Wed, 15 Sep 2021 21:46:10 +0530
Subject: libOpus: fix OOB read in ssse4 correlation kernel

Few SIMD functions read 16 bytes at a time and this
potentially leads to OOB read for some buffers
allocated on stack using ALLOC() calls. In order to
avoid these OOB reads, ALLOC() now allocates 16 additional bytes.

Bug: 191352053

Test: poc in bug description
Test: atest VtsHalMediaC2V1_0TargetAudioDecTest
Test: atest VtsHalMediaC2V1_0TargetAudioEncTest

Change-Id: I4da2840844d60f251dd7a222f51d508e4eb8749f
---
 Android.bp | 1 +
 1 file changed, 1 insertion(+)

(limited to 'Android.bp')

diff --git a/Android.bp b/Android.bp
index 702ddcc4..270d3271 100644
--- a/Android.bp
+++ b/Android.bp
@@ -208,6 +208,7 @@ cc_library {
         "-DOPUS_BUILD",
         "-DFIXED_POINT",
         "-DUSE_ALLOCA",
+        "-DSIMD_EXTRA_ALLOC_BYTES=16",
         "-DHAVE_LRINT",
         "-DHAVE_LRINTF",
         "-DENABLE_HARDENING",
-- 
cgit v1.2.3