From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Courtney Goeltzenleuchter <courtneygo@google.com>
Date: Thu, 24 May 2018 08:23:55 -0600
Subject: [PATCH] Fix Buffer Overflow in Vendor Service display.qservice

Bug: 63145942
Test: adb shell vndservice call display.qservice 36 s16 sdlkfjsadlfkjasdf
Change-Id: I3fdf5ccd2bf4ed0fa980883fefdb57eb5fbfeee7
(cherry picked from commit 4050091844ccd427587024e5fd916113a5cc0029)
---
 sdm/libs/hwc2/hwc_session.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/sdm/libs/hwc2/hwc_session.cpp b/sdm/libs/hwc2/hwc_session.cpp
index d3c13eee9..90aa4f219 100644
--- a/sdm/libs/hwc2/hwc_session.cpp
+++ b/sdm/libs/hwc2/hwc_session.cpp
@@ -1240,6 +1240,10 @@ android::status_t HWCSession::SetColorModeOverride(const android::Parcel *input_
   auto mode = static_cast<android_color_mode_t>(input_parcel->readInt32());
   auto device = static_cast<hwc2_device_t *>(this);
 
+  if (display > HWC_DISPLAY_VIRTUAL) {
+    return -EINVAL;
+  }
+
   if (display >= HWC_NUM_DISPLAY_TYPES) {
     return -EINVAL;
   }