Cherry pick from vp9:
commit
85770264ac891505730dcd5092d1993a62c74060
Guard against incorrect size values moving *data past data_end.
Check read length against the difference of the buffers.
Change-Id: I5e8679ddd447c4d73deb80be5ec94841a92c5fcd
static int read_is_valid(const unsigned char *start, size_t len,
const unsigned char *end) {
- return (start + len > start && start + len <= end);
+ return len != 0 && len <= (size_t)(end - start);
}
static unsigned int read_available_partition_size(