MIDI: check range of port counts

Fuzz testing cause out-of-memory errors
when passing very large port counts.
Now we check to make sure the port count is in a resonable range.

Bug: 135639926
Test: any MIDI test will exercise this code
Test: https://source.android.com/devices/audio/midi_test.html
Change-Id: Ic5dedc1eda86ff86a73a1da66ee6630c9662ceb8

1 files changed, 14 insertions, 1 deletions

diff --git a/media/java/android/media/midi/MidiDeviceInfo.java b/media/java/android/media/midi/MidiDeviceInfo.java
index c2229850b4ce..dd3b6dbd6a39 100644
--- a/media/java/android/media/midi/MidiDeviceInfo.java
+++ b/media/java/android/media/midi/MidiDeviceInfo.java
@@ -19,7 +19,6 @@ package android.media.midi;
 import android.os.Bundle;
 import android.os.Parcel;
 import android.os.Parcelable;
-
 import android.util.Log;
 
 /**
@@ -205,6 +204,20 @@ public final class MidiDeviceInfo implements Parcelable {
     public MidiDeviceInfo(int type, int id, int numInputPorts, int numOutputPorts,
             String[] inputPortNames, String[] outputPortNames, Bundle properties,
             boolean isPrivate) {
+        // Check num ports for out-of-range values. Typical values will be
+        // between zero and three. More than 16 would be very unlikely
+        // because the port index field in the USB packet is only 4 bits.
+        // This check is mainly just to prevent OutOfMemoryErrors when
+        // fuzz testing.
+        final int maxPorts = 256; // arbitrary and very high
+        if (numInputPorts < 0 || numInputPorts > maxPorts) {
+            throw new IllegalArgumentException("numInputPorts out of range = "
+                    + numInputPorts);
+        }
+        if (numOutputPorts < 0 || numOutputPorts > maxPorts) {
+            throw new IllegalArgumentException("numOutputPorts out of range = "
+                    + numOutputPorts);
+        }
         mType = type;
         mId = id;
         mInputPortCount = numInputPorts;