android-5.1.1_r17 to android-5.1.1_r22 AOSP changelog

This only includes the Android Open Source Project changes and does not include any changes in any proprietary components included by Google or any hardware manufacturer. The raw log was generated using a modified version of this script written by JBQ, and further improved by Al Sutton.

Please do not copy this without attribution to Android Police, Al Sutton, and JBQ for the original script.

+- Project: platform/build

5f48454 : "LYZ28M"
57677bf : LYZ28L

+- Project: platform/cts

7036a0c : test if libFLAC is patched against CVE-2014-9028
51ddad9 : CTS: check non-zygote apps are not debuggable

+- Project: platform/dalvik

33a371c : Ensure deterministic multidex partitioning

+- Project: platform/external/flac

02bdb9d : Add macro definitions for clang/llvm.

+- Project: platform/external/libhevc

d445726 : Align pic_width_in_luma_samples and pic_width_in_luma_samples to 8

+- Project: platform/external/libvpx

e49adbe : Try to CP ag/749963 from klp-dev into lmp-mr1-release

+- Project: platform/external/skia

975a33c : SkScaledBitmapSampler: fix memory overwritten

+- Project: platform/external/sonivox

17d7b93 : Sonivox: check loopStart/loopLength against one specific wave, not whole wave pool.
a9ebdd8 : Sonivox: fix overflow in Parse_data in eas_mdls.c
9dcd3f5 : Sonivox: make sure waveIndex is valid in Parse_rgn() in eas_mdls.c.
ced96b1 : Check segments and libs

+- Project: platform/external/sqlite

a9f7a4d : sqlite: upgrade to SQLite 3.8.6.1 - DO NOT MERGE

+- Project: platform/external/tremolo

f58a422 : Add sanity checks to fix crash
a4cf7e6 : Fix vorbis decoder crash due to out of bounds memory access
fc0a867 : Fix allocation failure crash

+- Project: platform/frameworks/av

af0ebd3 : DO NOT MERGE - Fix software video decoder buffer size calculation
48442e0 : libstagefright: fix overflow in pvdec_api.cpp.
dc6d889 : Revert "Fix compile after rI431aa2b7d30a942350ab6d105451c6b77e2f99d4"
b2e0ea4 : libstagefright: check memory size for overflow before allocation.
1736098 : DO NOT MERGE - SoftwareRenderer: sanity check buffer size before copying data.
d4c47af : libstagefright: check overflow before memory allocation in OMXCodec.cpp
f6ac1dd : Prevent integer issues in ID3::Iterator::findFrame
501a65a : DO NOT MERGE Part of fix for libmedia OOB write anywhere
35169cf : libstagefright: fix overflow in MPEG4Source::parseSampleAuxiliaryInformationOffsets.
74998bc : Check RTSP payload length
d3294a9 : libstagefright: Fix crash in convertMetaDataToMessage
420efae : libstagefright: fix handling of mSampleTimeEntries and mNumSampleSizes in SampleTable.
dec265d : DO NOT MERGE - audio flinger: fix fuzz test crash
5e0e391 : Sanity check padding/delay values for gapless playback
188ca4a : SoftAVCEncoder: fix auto merge error, member names have changed.
21ba1fd : MatroskaExtractor: detect infinite loop when parsing NALs
e0f4b53 : Fix for memory corruption in ID3::removeUnsynchronizationV2_4(). Bug: 23227354
4ac9ac1 : SoftAVCEncoder: fix mismatched type for comparison.
b80a824 : Fix compile failure after rI431aa2b7d30a942350ab6d105451c6b77e2f99d4
32bc490 : MPEG4Source::fragmentedRead: check range before writing into buffers
4f49197 : Fix compile after rI431aa2b7d30a942350ab6d105451c6b77e2f99d4
d331153 : do not dequeue from native window after we hit fatal error -- DO NOT MERGE
7f0c9a5 : libstagefright: check remaining data size before parsing it.
54109a0 : SoftAVCEnc: check requested memory size before allocation.
66f26a1 : Check integer overflow to prevent memory corruption
9b14e2b : SoftOpus: Fix output buffer capacity.
02bc99a : Check buffer size before using it
49094be : Fix comparison sign warnings.
69a205a : ABuffer: reset members when memory allocation fails.
00b81c2 : Check vector size before accessing
7c5e64c : libstagefright: fix possible overflow in amrwbenc.
dc79a97 : libstagefright: fix possible overflow in ID3.
d00977a : Fix Ogg album art
9c320c2 : MPEG4Extractor.cpp: Add check for size == SIZE_MAX
8da2d03 : Extra sanity checks on sample size and resolution
b98f5ff : Fix crash on malformed id3
2fba899 : SampleTable: fix integer overflow checks.
6729b34 : DO NOT MERGE - IAudioFlinger: add checks on binder calls

+- Project: platform/frameworks/base

beb965c : [DO NOT MERGE] Bump up the timeout for uncrypt to 900s.
035a39d : DO NOT MERGE. Truncate and ellipsize app name if too long for dialog.
ff80e34 : Allow debugging only for apps forked from zygote

+- Project: platform/packages/apps/Bluetooth

683b6e3 : DO NOT MERGE Fix security vulnerabilities in permission of deleting MMS/SMS

+- Project: platform/system/core

d41177b : libutils: fix overflow in String8::allocFromUTF8
3267776 : libutils: fix overflow in SharedBuffer [DO NOT MERGE]
af28591 : Fix compile failure after rIfe1dc0791040150132bea6884f1e6c8d31972d1b

+- Project: platform/system/security

b5ba01d : Properly check for Blob max length