Explaining Stagefright and the error in the Patch

A bufferover flow discovered in Android April was reported to Google with a proposed fix.  The name used is Stagefright and it effects 650 million android devices.  However, the the patch doens't really solve the overflow.  This article details how the overflow works, how their patch works and how the patch fails. It's a really clear explination of technical vulnerability when deailing with 32bit and 64bit ints.
 

http://blog.exodusintel.com/2015/08/13/stagefright-mission-accomplished/

Submitted by Anonymous on