Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-12-12 01:14:22 -05:00
Code Issues Packages Projects Releases Wiki Activity

14.1: December 2024 ASB picks

Browse Source 
Signed-off-by: Tavi <tavi@divested.dev>
This commit is contained in:
Tavi 2024-12-09 18:22:03 -05:00
parent 639719210a
commit b22ab2f4a5
No known key found for this signature in database
GPG Key ID: E599F62ECBAEAF2E
14 changed files with 287 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
Patches/LineageOS-14.1/android_external_skia/410675.patch Normal file
View File

@ -0,0 +1,50 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Ben Wagner <bungeman@google.com>
Date: Mon, 12 Aug 2024 15:00:08 -0400
Subject: [PATCH] Bounds check in skia_alloc_func
The allocator callback for zlib needs to check that items * size will
fit in size_t and return nullptr if not.
Conflicts:
- src/pdf/SkDeflate.cpp: just in header includes
Bug: 349678452
Reviewed-on: https://skia-review.googlesource.com/c/skia/+/888996
Commit-Queue: Ben Wagner <bungeman@google.com>
Reviewed-by: Brian Osman <brianosman@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:94b46e52960ec84a69304ea058fd928e3de6fa56)
Merged-In: Id1a30592d435bd0de4630e7047f26b0dc17654fc
Change-Id: Id1a30592d435bd0de4630e7047f26b0dc17654fc
Change-Id: I1c198cb3586db94b45d6f6592fac9c0dc9f19f23
---
src/pdf/SkDeflate.cpp | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/pdf/SkDeflate.cpp b/src/pdf/SkDeflate.cpp
index 3ae0d46068..2cc38bb9b7 100644
--- a/src/pdf/SkDeflate.cpp
+++ b/src/pdf/SkDeflate.cpp
@@ -10,6 +10,7 @@
#include "SkData.h"
#include "SkDeflate.h"
#include "SkStream.h"
+#include "SkTFitsIn.h"
#ifdef ZLIB_INCLUDE
#include ZLIB_INCLUDE
@@ -22,6 +23,13 @@ namespace {
// Different zlib implementations use different T.
// We've seen size_t and unsigned.
template <typename T> void* skia_alloc_func(void*, T items, T size) {
+ if (!SkTFitsIn<size_t>(size)) {
+ return nullptr;
+ }
+ const size_t maxItems = SIZE_MAX / size;
+ if (maxItems < items) {
+ return nullptr;
+ }
return sk_calloc_throw(SkToSizeT(items) * SkToSizeT(size));
}

37
Patches/LineageOS-14.1/android_external_skia/410676.patch Normal file
View File

@ -0,0 +1,37 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Brian Osman <brianosman@google.com>
Date: Thu, 29 Aug 2024 12:47:48 -0400
Subject: [PATCH] RESTRICT AUTOMERGE: Check for size overflow before allocating
SkMask data
Bug: 352631932
Test: N/A -- not reproducible / speculative fix
Reviewed-on: https://skia-review.googlesource.com/c/skia/+/894478
Commit-Queue: Ben Wagner <bungeman@google.com>
Reviewed-by: Ben Wagner <bungeman@google.com>
Auto-Submit: Brian Osman <brianosman@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:1fa94ff39bee75fe3a4abf061c09b972e2ffd0fa)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:cbf6a5953623cdb0ef200bcba00bc43986b16c91)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a96bda269af74d90cf3993c4429ce9e673a5fc36)
Merged-In: I74c081a7b849f13194ec7807b7a748d1919c1bb2
Change-Id: I74c081a7b849f13194ec7807b7a748d1919c1bb2
Change-Id: I4e5330532e3981a15f6eee8e65fe74e7da50f719
---
src/effects/SkBlurMaskFilter.cpp | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/effects/SkBlurMaskFilter.cpp b/src/effects/SkBlurMaskFilter.cpp
index 1be030baf6..4416a6174b 100644
--- a/src/effects/SkBlurMaskFilter.cpp
+++ b/src/effects/SkBlurMaskFilter.cpp
@@ -196,6 +196,9 @@ static bool prepare_to_draw_into_mask(const SkRect& bounds, SkMask* mask) {
mask->fRowBytes = SkAlign4(mask->fBounds.width());
mask->fFormat = SkMask::kA8_Format;
const size_t size = mask->computeImageSize();
+ if (size == 0) {
+ return false;
+ }
mask->fImage = SkMask::AllocImage(size);
if (nullptr == mask->fImage) {
return false;

42
Patches/LineageOS-14.1/android_system_bt/410678.patch Normal file
View File

@ -0,0 +1,42 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Brian Delwiche <delwiche@google.com>
Date: Mon, 8 Jul 2024 22:42:18 +0000
Subject: [PATCH] Fix OOB write in build_read_multi_rsp of gatt_sr.cc
build_read_multi_rsp is missing a bounds check, which can lead to an
OOB write when the mtu parameter is set to zero.
Add that bounds check.
Bug: 323850943
Test: atest GattSrTest
Test: researcher POC
Tag: #security
Flag: EXEMPT trivial validity checks
Ignore-AOSP-First: Security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c177fdbd6189a114239e11e2713740b5a50624e1)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:f7171d31e247e3367b302374a3a0cf671f50ffcd)
Merged-In: Icc8209aec68873c9821a36c579cd5df05c6ec8b8
Change-Id: Icc8209aec68873c9821a36c579cd5df05c6ec8b8
---
stack/gatt/gatt_sr.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/stack/gatt/gatt_sr.c b/stack/gatt/gatt_sr.c
index 6457a3758..c2ae49752 100644
--- a/stack/gatt/gatt_sr.c
+++ b/stack/gatt/gatt_sr.c
@@ -146,6 +146,13 @@ static BOOLEAN process_read_multi_rsp (tGATT_SR_CMD *p_cmd, tGATT_STATUS status,
/* Wait till we get all the responses */
if (fixed_queue_length(p_cmd->multi_rsp_q) == p_cmd->multi_req.num_handles)
{
+ // We need at least one extra byte for the opcode
+ if (mtu == 0)
+ {
+ GATT_TRACE_ERROR("Invalid MTU");
+ p_cmd->status = GATT_ILLEGAL_PARAMETER;
+ return(TRUE);
+ }
len = sizeof(BT_HDR) + L2CAP_MIN_OFFSET + mtu;
p_buf = (BT_HDR *)osi_calloc(len);
p_buf->offset = L2CAP_MIN_OFFSET;

71
Patches/LineageOS-14.1/android_system_bt/410679.patch Normal file
View File

@ -0,0 +1,71 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hui Peng <phui@google.com>
Date: Thu, 27 Jul 2023 04:09:04 +0000
Subject: [PATCH] Fix an integer underflow in build_read_multi_rsp
This is a backport of Ia60dd829ff9152c083de1f4c1265bb3ad595dcc4
to sc-dev
Bug: 273874525
Test: manual
Ignore-AOSP-First: security
Tag: #security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d5f27984f4ca265f28a4adf5835b0198a3e19aed)
Merged-In: Ia60dd829ff9152c083de1f4c1265bb3ad595dcc4
Change-Id: Ia60dd829ff9152c083de1f4c1265bb3ad595dcc4
---
stack/gatt/gatt_sr.c | 32 ++++++++++++++++++--------------
1 file changed, 18 insertions(+), 14 deletions(-)
diff --git a/stack/gatt/gatt_sr.c b/stack/gatt/gatt_sr.c
index c2ae49752..71ef7f427 100644
--- a/stack/gatt/gatt_sr.c
+++ b/stack/gatt/gatt_sr.c
@@ -183,9 +183,24 @@ static BOOLEAN process_read_multi_rsp (tGATT_SR_CMD *p_cmd, tGATT_STATUS status,
if (p_rsp != NULL)
{
- total_len = (p_buf->len + p_rsp->attr_value.len);
+ total_len = p_buf->len;
if (total_len > mtu)
+ {
+ GATT_TRACE_DEBUG ("Buffer space not enough for this data item, skipping");
+ break;
+ }
+
+ len = (p_rsp->attr_value.len < mtu - total_len) ?
+ p_rsp->attr_value.len : mtu - total_len;
+
+ if (len == 0)
+ {
+ GATT_TRACE_DEBUG ("Buffer space not enough for this data item, skipping");
+ break;
+ }
+
+ if (len < p_rsp->attr_value.len)
{
/* just send the partial response for the overflow case */
len = p_rsp->attr_value.len - (total_len - mtu);
@@ -199,19 +214,8 @@ static BOOLEAN process_read_multi_rsp (tGATT_SR_CMD *p_cmd, tGATT_STATUS status,
if (p_rsp->attr_value.handle == p_cmd->multi_req.handles[ii])
{
- // check for possible integer overflow
- if (p_buf->len + len <= UINT16_MAX)
- {
- memcpy(p, p_rsp->attr_value.value, len);
- if (!is_overflow)
- p += len;
- p_buf->len += len;
- }
- else
- {
- p_cmd->status = GATT_NOT_FOUND;
- break;
- }
+ ARRAY_TO_STREAM(p, p_rsp->attr_value.value, (uint16_t) len);
+ p_buf->len += (uint16_t) len;
}
else
{

35
Patches/LineageOS-14.1/android_system_bt/410680.patch Normal file
View File

@ -0,0 +1,35 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hui Peng <phui@google.com>
Date: Wed, 29 Nov 2023 00:53:33 +0000
Subject: [PATCH] Fix an OOB bug in btif_to_bta_response and
attp_build_value_cmd
Fix typo when converting from cc to c:
p_dest->attr_value.len = std::min<uint16_t>(p_src->attr_value.len, GATT_MAX_ATTR_LEN);
Bug: 276898739
Test: manual
Tag: #security
Ignore-AOSP-First: security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:138120c65f9b5a03d462d01da9c5c7f71c875e1e)
Change-Id: I0f1131b0b1ebd168202b4fde814010002e786817
---
btif/src/btif_gatt_util.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/btif/src/btif_gatt_util.c b/btif/src/btif_gatt_util.c
index 4edc7cf29..dc986385c 100644
--- a/btif/src/btif_gatt_util.c
+++ b/btif/src/btif_gatt_util.c
@@ -113,8 +113,8 @@ void btif_to_bta_response(tBTA_GATTS_RSP *p_dest, btgatt_response_t* p_src)
{
p_dest->attr_value.auth_req = p_src->attr_value.auth_req;
p_dest->attr_value.handle = p_src->attr_value.handle;
- p_dest->attr_value.len = (p_dest->attr_value.len < GATT_MAX_ATTR_LEN) ?
- p_dest->attr_value.len : GATT_MAX_ATTR_LEN;
+ p_dest->attr_value.len = (p_src->attr_value.len < GATT_MAX_ATTR_LEN) ?
+ p_src->attr_value.len : GATT_MAX_ATTR_LEN;
p_dest->attr_value.offset = p_src->attr_value.offset;
memcpy(p_dest->attr_value.value, p_src->attr_value.value, p_dest->attr_value.len);
}

37
Patches/LineageOS-14.1/android_system_bt/410681.patch Normal file
View File

@ -0,0 +1,37 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Paw=C5=82owski?= <jpawlowski@google.com>
Date: Thu, 1 Aug 2024 14:12:58 +0000
Subject: [PATCH] Fix "GATT Read Multiple Variable Response" builder
0 length value is perfectly fine, and should result in just length
added into the packet.
Currently, for 0 length value we just break out of loop, and don't add
any value.
This means, that if first characetristic in response had 0 length, we
would return empty packet.
Ignore-AOSP-First: security fix
Test: mma -j32;
Bug: 352696105
Bug: 356886209
Flag: exempt, obvious logic fix
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:167573989a2a11a71af1289615692c360c14bddf)
Merged-In: Ida4f6b566cf9fa40fc5330d8084c29669ccaa608
Change-Id: Ida4f6b566cf9fa40fc5330d8084c29669ccaa608
---
stack/gatt/gatt_sr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/stack/gatt/gatt_sr.c b/stack/gatt/gatt_sr.c
index 71ef7f427..584fe3887 100644
--- a/stack/gatt/gatt_sr.c
+++ b/stack/gatt/gatt_sr.c
@@ -194,7 +194,7 @@ static BOOLEAN process_read_multi_rsp (tGATT_SR_CMD *p_cmd, tGATT_STATUS status,
len = (p_rsp->attr_value.len < mtu - total_len) ?
p_rsp->attr_value.len : mtu - total_len;
- if (len == 0)
+ if (total_len == mtu && p_rsp->attr_value.len > 0)
{
GATT_TRACE_DEBUG ("Buffer space not enough for this data item, skipping");
break;

2
Patches/LineageOS-19.1/android_packages_modules_Connectivity/0002-Private_DNS.patch
View File

@ -16,7 +16,7 @@ Change-Id: I4e51da9d8fe08d1c4a287808f4464c0338b40334
2 files changed, 248 insertions(+)
diff --git a/framework/src/android/net/ConnectivitySettingsManager.java b/framework/src/android/net/ConnectivitySettingsManager.java
index 9c8d08fb1..27263d2a4 100644
index 9c8d08fb1..6ce4b5969 100644
--- a/framework/src/android/net/ConnectivitySettingsManager.java
+++ b/framework/src/android/net/ConnectivitySettingsManager.java
@@ -351,6 +351,84 @@ public class ConnectivitySettingsManager {

2
Patches/LineageOS-19.1/android_packages_modules_Permission/0004-Special_Permission-2.patch
View File

@ -36,7 +36,7 @@ index 18686875a..fad5be5b6 100644
}
}
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt b/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt
index d57e79751..4cfa0d38b 100644
index 92bfa887e..43d41f6c7 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt
+++ b/PermissionController/src/com/android/permissioncontroller/permission/service/AutoRevokePermissions.kt
@@ -100,7 +100,8 @@ suspend fun revokeAppPermissions(

4
Patches/LineageOS-19.1/android_packages_modules_Permission/0004-Special_Permission-3.patch
View File

@ -9,7 +9,7 @@ Toggles were not working correctly for API < 23.
1 file changed, 2 insertions(+)
diff --git a/PermissionController/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt b/PermissionController/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt
index da93d4f78..96f6e356f 100644
index 85908cb0e..fb320761f 100644
--- a/PermissionController/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt
+++ b/PermissionController/src/com/android/permissioncontroller/permission/utils/KotlinUtils.kt
@@ -547,6 +547,7 @@ object KotlinUtils {
@ -22,7 +22,7 @@ index da93d4f78..96f6e356f 100644
// Do not touch permissions fixed by the system, or permissions that cannot be granted
@@ -776,6 +777,7 @@ object KotlinUtils {
var newFlags = perm.flags
var isGranted = perm.isGrantedIncludingAppOp
var isGranted = perm.isGranted
val supportsRuntime = group.packageInfo.targetSdkVersion >= Build.VERSION_CODES.M
+ || Utils.isSpecialRuntimePermission(perm.name)
var shouldKill = false

4
Patches/LineageOS-20.0/android_frameworks_base/0013-Special_Permissions-5.patch
View File

@ -99,7 +99,7 @@ index 000000000000..efd48cb49aa3
+ private SpecialRuntimePermAppUtils() {}
+}
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 8c51df9d320e..373f11a4f333 100644
index 4ff9947fe0dd..bc14ef6332cb 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -214,6 +214,7 @@ import com.android.server.pm.permission.LegacyPermissionManagerInternal;
@ -110,7 +110,7 @@ index 8c51df9d320e..373f11a4f333 100644
import com.android.server.pm.pkg.PackageStateInternal;
import com.android.server.pm.pkg.PackageUserState;
import com.android.server.pm.pkg.PackageUserStateInternal;
@@ -6107,6 +6108,24 @@ public class PackageManagerService implements PackageSender, TestUtilityService
@@ -6122,6 +6123,24 @@ public class PackageManagerService implements PackageSender, TestUtilityService
getPerUidReadTimeouts(snapshot)
).doDump(snapshot, fd, pw, args);
}

2
Scripts/Common/Fix_CVE_Patchers.sh
View File

@ -96,7 +96,7 @@ commentPatches android_kernel_samsung_msm8930-common.sh "CVE-2017-11015/prima" "
commentPatches android_kernel_samsung_smdk4412.sh "CVE-2012-2127" "CVE-2016-8463/ANY/0001.patch";
commentPatches android_kernel_samsung_tuna.sh "CVE-2012-2127";
commentPatches android_kernel_samsung_universal8890.sh "0008-Graphene-Kernel_Hardening-ro" "CVE-2016-7917" "CVE-2018-1092" "CVE-2018-17972" "CVE-2019-16746" "CVE-2020-0427" "CVE-2020-14381" "CVE-2020-16166" "CVE-2022-42896/4.9";
commentPatches android_kernel_samsung_exynos9810.sh "CVE-2020-1749" "CVE-2019-ctnl-addr-leak" "CVE-2019-18282" "CVE-2019-11599" "CVE-2022-20566" "CVE-2019-16746" "CVE-2021-45469" "CVE-2020-0305" "CVE-2021-3506/4.19" "CVE-2024-26934/4.19" "CVE-2024-26934" "CVE-2024-44944";
commentPatches android_kernel_samsung_exynos9810.sh "CVE-2020-1749" "CVE-2019-ctnl-addr-leak" "CVE-2019-18282" "CVE-2019-11599" "CVE-2022-20566" "CVE-2019-16746" "CVE-2021-45469" "CVE-2020-0305" "CVE-2021-3506/4.19" "CVE-2024-26934/4.19" "CVE-2024-26934" "CVE-2024-44944" "CVE-2024-44931";
commentPatches android_kernel_samsung_universal9810.sh "CVE-2020-1749";
commentPatches android_kernel_sony_sdm660.sh "0008-Graphene-Kernel_Hardening-canaries/4.4/0002.patch" "CVE-2019-19319" "CVE-2020-0305" "CVE-2020-8992" "CVE-2020-16166" "CVE-2021-30319";
commentPatches android_kernel_sony_sdm845.sh "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992";

2
Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_universal8890.sh
View File

@ -1098,7 +1098,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43854/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43858/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43882/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43893/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-44931/4.4/0008.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-44931/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-44939/^6.9/0001.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-44944/4.4/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-44947/4.4/0008.patch

8
Scripts/LineageOS-14.1/Patch.sh
View File

@ -82,7 +82,7 @@ sed -i '50i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aap
sed -i '296iLOCAL_AAPT_FLAGS += --auto-add-overlay' core/package_internal.mk;
awk -i inplace '!/Email/' target/product/core.mk; #Remove Email
awk -i inplace '!/Exchange2/' target/product/core.mk;
sed -i 's/2021-06-05/2024-11-05/' core/version_defaults.mk; #Bump Security String #n-asb-2024-11 #XXX
sed -i 's/2021-06-05/2024-12-05/' core/version_defaults.mk; #Bump Security String #n-asb-2024-12 #XXX
fi;
if enterAndClear "device/qcom/sepolicy"; then
@ -178,6 +178,8 @@ fi;
if enterAndClear "external/skia"; then
applyPatch "$DOS_PATCHES/android_external_skia/407794.patch"; #n-asb-2024-11 Avoid potential overflow when allocating 3D mask from emboss filter
applyPatch "$DOS_PATCHES/android_external_skia/410675.patch"; #n-asb-2024-12 [pdf] Bounds check in skia_alloc_func
applyPatch "$DOS_PATCHES/android_external_skia/410676.patch"; #n-asb-2024-12 Check for size overflow before allocating SkMask data
fi;
if enterAndClear "external/sonivox"; then
@ -613,6 +615,10 @@ applyPatch "$DOS_PATCHES/android_system_bt/385238.patch"; #n-asb-2024-03 Fix an
applyPatch "$DOS_PATCHES/android_system_bt/385239.patch"; #n-asb-2024-03 Fix a security bypass issue in access_secure_service_from_temp_bond
applyPatch "$DOS_PATCHES/android_system_bt/396612.patch"; #n-asb-2024-07 Fix an authentication bypass bug in SMP
applyPatch "$DOS_PATCHES/android_system_bt/399271.patch"; #n-asb-2024-08 Fix heap-buffer overflow in sdp_utils.cc
applyPatch "$DOS_PATCHES/android_system_bt/410678.patch"; #n-asb-2024-12 Fix OOB write in build_read_multi_rsp of gatt_sr.cc
applyPatch "$DOS_PATCHES/android_system_bt/410679.patch"; #n-asb-2024-12 Fix an integer underflow in build_read_multi_rsp
applyPatch "$DOS_PATCHES/android_system_bt/410680.patch"; #n-asb-2024-12 Fix an OOB bug in btif_to_bta_response and attp_build_value_cmd
applyPatch "$DOS_PATCHES/android_system_bt/410681.patch"; #n-asb-2024-12 Fix "GATT Read Multiple Variable Response" builder
applyPatch "$DOS_PATCHES/android_system_bt/229574.patch"; #bt-sbc-hd-dualchannel-nougat: Increase maximum Bluetooth SBC codec bitrate for SBC HD (ValdikSS)
applyPatch "$DOS_PATCHES/android_system_bt/229575.patch"; #bt-sbc-hd-dualchannel-nougat: Explicit SBC Dual Channel (SBC HD) support (ValdikSS)
applyPatch "$DOS_PATCHES/android_system_bt/242134.patch"; #avrc_bld_get_attrs_rsp - fix attribute length position off by one (cprhokie)

4
Scripts/LineageOS-19.1/Patch.sh
View File

@ -132,10 +132,6 @@ sed -i '/LOCAL_MODULE/s/Camera/SecureCamera/' Android.mk; #Change module name
sed -i '11iLOCAL_OVERRIDES_PACKAGES := Camera Camera2 LegacyCamera Snap OpenCamera' Android.mk; #Replace the others
fi;
if enterAndClear "external/skia"; then
git fetch https://github.com/LineageOS/android_external_skia refs/changes/54/408154/1 && git cherry-pick FETCH_HEAD; #S_asb_2024-11 Avoid potential overflow when allocating 3D mask from emboss filter
fi;
if enterAndClear "frameworks/base"; then
git revert --no-edit 83fe523914728a3674debba17a6019cb74803045; #Reverts "Allow signature spoofing for microG Companion/Services" in favor of below patch
applyPatch "$DOS_PATCHES/android_frameworks_base/344888-backport.patch"; #fixup! fw/b: Add support for allowing/disallowing apps on cellular, vpn and wifi networks (CalyxOS)