Skip to content
Permalink
Browse files

Fix vulnerability where large GPS XTRA data can be injected. -Can pot…

…entially crash system with OOM. Bug: 29555864

Change-Id: I7157f48dddf148a9bcab029cf12e26a58d8054f4
(cherry picked from commit dde12c6)
  • Loading branch information...
David Christie authored and andi34 committed Jul 26, 2016
1 parent f7a2cb9 commit 50e6269f2c5c1be4db9ffabb5b9cc0f8019e8c61
Showing with 4 additions and 2 deletions.
  1. +4 −2 services/java/com/android/server/location/GpsXtraDownloader.java
@@ -44,6 +44,7 @@

private static final String TAG = "GpsXtraDownloader";
static final boolean DEBUG = false;
private static final long MAXIMUM_CONTENT_LENGTH_BYTES = 1000000; // 1MB.

private Context mContext;
private String[] mXtraServers;
@@ -138,8 +139,9 @@
byte[] body = null;
if (entity != null) {
try {
if (entity.getContentLength() > 0) {
body = new byte[(int) entity.getContentLength()];
long contentLength = entity.getContentLength();
if (contentLength > 0 && contentLength <= MAXIMUM_CONTENT_LENGTH_BYTES) {
body = new byte[(int) contentLength];
DataInputStream dis = new DataInputStream(entity.getContent());
try {
dis.readFully(body);

0 comments on commit 50e6269

Please sign in to comment.
You can’t perform that action at this time.