CronetDataSource: fix overflow bug

There is a bug when CronetDataSource opens an asset with a length bigger that Integer.MAX_INT (2147483647 bytes, ~2GB). In read(), `bytesRemaining` is cast to int, which overflows and evaluates to a negative number, causing `bytesRead` to be negative too. PiperOrigin-RevId: 370434368
2026-03-29 10:05:48 +00:00 · 2021-04-26 13:03:47 +01:00 · 2021-04-26 13:03:47 +01:00 · bc69509aba
commit bc69509aba
parent 2fba921558
1 changed files with 6 additions and 5 deletions
--- a/extensions/cronet/src/main/java/com/google/android/exoplayer2/ext/cronet/CronetDataSource.java
+++ b/extensions/cronet/src/main/java/com/google/android/exoplayer2/ext/cronet/CronetDataSource.java
@ -38,7 +38,7 @@ import com.google.android.exoplayer2.util.Util;
 import com.google.common.base.Ascii;
 import com.google.common.base.Predicate;
 import com.google.common.net.HttpHeaders;
-import com.google.common.primitives.Ints;
+import com.google.common.primitives.Longs;
 import java.io.IOException;
 import java.io.InterruptedIOException;
 import java.net.SocketTimeoutException;
@ -676,10 +676,11 @@ public class CronetDataSource extends BaseDataSource implements HttpDataSource {
    // Ensure we read up to bytesRemaining, in case this was a Range request with finite end, but
    // the server does not support Range requests and transmitted the entire resource.
    int bytesRead =
-        Ints.min(
-            bytesRemaining != C.LENGTH_UNSET ? (int) bytesRemaining : Integer.MAX_VALUE,
-            readBuffer.remaining(),
-            readLength);
+        (int)
+            Longs.min(
+                bytesRemaining != C.LENGTH_UNSET ? bytesRemaining : Long.MAX_VALUE,
+                readBuffer.remaining(),
+                readLength);

    readBuffer.get(buffer, offset, bytesRead);