OMX: allow only secure codec to remotely call allocateBuffer. Bug: 24310423 Change-Id: Iebcfc58b447f925ec2134898060af2ef227266a3

commit: 8dde7269a5356503d2b283234b6cb46d0c3f214e [log] [tgz]
author: Wei Jia <wjia@google.com> Mon Sep 28 11:32:23 2015 -0700
committer: Wei Jia <wjia@google.com> Fri Oct 02 11:15:18 2015 -0700
tree: 06ec842433e8f501addbe9d264a46f2f21fd9161
parent: a9a899d3970f41162c8e9c720bf05f3e6226a90a [diff] [blame]
diff --git a/media/libmedia/IOMX.cpp b/media/libmedia/IOMX.cpp
index 16da65e..5423c2a 100644
--- a/media/libmedia/IOMX.cpp
+++ b/media/libmedia/IOMX.cpp

@@ -963,6 +963,12 @@
 
             node_id node = (node_id)data.readInt32();
             OMX_U32 port_index = data.readInt32();
+            if (!isSecure(node) || port_index != 0 /* kPortIndexInput */) {
+                ALOGE("b/24310423");
+                reply->writeInt32(INVALID_OPERATION);
+                return NO_ERROR;
+            }
+
             size_t size = data.readInt64();
 
             buffer_id buffer;
commit	8dde7269a5356503d2b283234b6cb46d0c3f214e	[log] [tgz]
author	Wei Jia <wjia@google.com>	Mon Sep 28 11:32:23 2015 -0700
committer	Wei Jia <wjia@google.com>	Fri Oct 02 11:15:18 2015 -0700
tree	06ec842433e8f501addbe9d264a46f2f21fd9161
parent	a9a899d3970f41162c8e9c720bf05f3e6226a90a [diff] [blame]