android-6.0.1_r80 to android-6.0.1_r81 AOSP changelog

This only includes the Android Open Source Project changes and does not include any changes in any proprietary components included by Google or any hardware manufacturer. The raw log was generated using a modified version of this script written by JBQ and improved by Al Sutton.

Please do not copy this without attribution to this site and JBQ for the original script.

+- Project: platform/build

b642f06 : [DO NOT MERGE] Update platform security string to 2017-10-01 in mnc-dev Bug:64896113 (cherry picked from commit 21a54abbad6d972c967fa463c04d4e1e1341b2de)
2898d5e : Update security string to September for mnc-mr2-release (cherry picked from commit 9919a8f45e88be99acdc0657a69292587d649fdc)
6883843 : Version bump to MOI10C
0491f7c : Merge Security String into MNC-MR2-release

+- Project: platform/external/dnsmasq

8e61a18 : Add extra (size_t) cast to avoid compiler warning.
a8ca1b7 : Make dnsmasq more stable.

+- Project: platform/external/libavc

7982bb3 : Decoder: Fixed overflow in refernce list creation.
aa63aa8 : Initialize DPB structures to valid values.
dc02f24 : Added error check for output buffer size.
8f14f2c : Return error when there are more mmco params than allocated size
30006d8 : Fixed hang in the case of multiple sps id.
cdf55bf : Decoder: Fix in the case of MMCO 6
5d381a7 : Decoder: Cleaned up parse sps function.
8aa3346 : Fix resolution change within a decode call.
61ba590 : DO NOT MERGE Fixed bug in the case of resolution change.
b0fcf73 : DO NOT MERGE Handle level/profile/num_ref_frames/num_reorder change at the same resolution
23ea14b : Initializing reference list for every P/B slice.
af62e6c : Decoder: Fixed allocation size of pred info buffer
9d5ad9d : DO NOT MERGE Fixed bug during resolution change fix merge conflict into mnc-mr2-release Modifies how i4_header_decoded is decoder context is used, to ensure that resolution change is detected even if PPS has not been decoded.

+- Project: platform/external/libhevc

51daa94 : Fix slice decrement for skipped slices
ebfa865 : Ensure CTB size > 16 for clips with tiles and width/height >= 4096
751066b : Limit boundary PU sizes in case of errors
b4b020b : Fix array size for hrd parameters
64383a5 : Check number of output buffers and sizes
bca3e6f : Return error for invalid crop parameters
7d407e2 : Fix OOB issue in nal unit parsing
8efb4f1 : Set pic_present at end of pic_init instead of beginning
e58ae42 : Handle error return in parse slice

+- Project: platform/external/libmpeg2

dc28c7a : Fixed Memory Overflow Errors
1d98429 : Correcting NumCoeff Check in VLD
b07fc26 : Adding Error Check For PictureStructure Param
6f1e0a1 : Update mbs_left In Case Of Missing Slice
d0c0ee8 : Check For Zero Width/Height in Frame Header

+- Project: platform/external/sfntly

ba20672 : Merge remote-tracking branch 'aosp/upstream-master' into master
e8b9b14 : Merge commit 'bbc9221' into master

+- Project: platform/external/sonivox

9739cfd : Fix interpolator

+- Project: platform/external/sqlite

760f574 : DO NOT MERGE - fix FTS3 column pointer handling

+- Project: platform/external/tremolo

02e439f : Fix out of bounds access in codebook processing
369676d : Use heap instead of alloca in res012.c

+- Project: platform/frameworks/av

0722044 : Check buffer size in useBuffer in software components
60df6f9 : stagefright: avoid buffer overflow in base64 decoder
3a2b694 : Add EFFECT_CMD_SET_PARAM parameter checking to Downmix and Reverb
6c32471 : Fix memory leak in OggExtractor
82611a7 : Skip track if verification fails
9e00827 : MPEG4Source: fix fragmented read.
64ae507 : stagefright: fix crash due to bad timestamp index
35022b1 : stagefright: check aac_frame_length to prevent infinite loop
d7e9859 : MediaPlayerService: fix access of mPlayer in client
b2d5a5c : DO NOT MERGE: MPEG4Extractor: ensure returned status is checked.
7767ed0 : audio effects: filter reserved effect commands
d658ea0 : Change MPEG2 reinit Error Handling
14381c9 : Track: Check buffer size of static tracks
5787e7c : MPEG4Extractor: check size for yrrc box
e82db6b : Notify Errors Appropriately from SoftMPEG2
ab85024 : AudioFlinger: Fix memory allocation for client-less tracks
a900117 : EffectBundle: Check value size for get preset name
3c069fa : Fix TOCTOU problem in libstagefright_soft_aacenc
bf8b140 : Fix security vulnerability: Equalizer setParameter memory overflow
c7b31e8 : Check the buffer index from acquireBuffer
7ae8415 : NuPlayerDecoder: fail gracefully when input data can't be held in allocated buffer.
1d13ec5 : Fix integer overflow in mediadrmserver
a85b732 : better manage buffer for libstagefright_soft_mpeg4enc
b217066 : m4v_h263: update width/height only when they are valid.
4c1c46f : m4v_h263: check header first before decoding a frame.
0a4c710 : Fix potential leak
2a732f8 : DO NOT MERGE Don't leak `this` out of GraphicBufferSource ctor

+- Project: platform/frameworks/base

3d98aa4 : Fix security hole in GateKeeperResponse.
3ecbdaf : Enforce policy for camera gesture in keyguard
ba8a607 : Back-port fixes for b/62196835
69579af : Close connection before retrying

+- Project: platform/frameworks/minikin

91e22d4 : Reject unsorted cmap entries. DO NOT MERGE

+- Project: platform/frameworks/opt/net/wifi

f247252 : cherry-pick: wifinative jni: check array length for trackSignificantWifiChange

+- Project: platform/hardware/qcom/audio

b4d3255 : Equalizer: Check value size for get preset name
933a6a6 : Fix security vulnerability: Equalizer setParameter memory overflow

+- Project: platform/hardware/ril

3f5f3a9 : DO NOT MERGE Fix security vulnerability in pre-O rild code.

+- Project: platform/packages/apps/Messaging

e621653 : 37742976 - Catch bad gifs

+- Project: platform/packages/apps/Nfc

5efcddc : Add READ_EXTERNAL_STORAGE for file based Uri while beaming.

+- Project: platform/packages/apps/PackageInstaller

7e13c6b : DO NOT MERGE Disable overlays while installer is resumed
a246c9a : Back-port ag/2514922

+- Project: platform/packages/apps/Settings

20fe61f : Disabling the activate button when paused
577c8bd : Back-port ag/2491664

+- Project: platform/system/bt

abbcc5c : Add missing extension length check while parsing BNEP control packets
1883243 : Free p_pending_data from tBNEP_CONN to avoid potential memory leaks
ebbe7bc : Add a missing check for PAN buffer size before copying data
19cbebe : Add missing packet length checks while parsing BNEP control packets
62ec70f : Add missing continuation offset check for SDP continuation requests
59788ce : Allocate buffers of the right size when BT_HDR is included
482038b : Disable PAN Reverse Tethering when connection originated by the Remote