OSDN Git Service

(root) / android-x86 / external-bluetooth-bluez.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3d6f41b) | patch
Fix memory corruption when decoding Read Response PDU
authorAnderson Lizardo <anderson.lizardo@openbossa.org>
Wed, 28 Sep 2011 19:01:32 +0000 (15:01 -0400)
committerJohan Hedberg <johan.hedberg@intel.com>
Sat, 1 Oct 2011 07:09:13 +0000 (10:09 +0300)
commit547f9e37b89126a74d69a6066f0d315250ee70d2
tree79c8ab8a7a18ab2250cbe46be293ec57cbb1c7f5tree | snapshot
parent3d6f41b498980e9a48b9f716b04cc9a2c223ef83commit | diff
Fix memory corruption when decoding Read Response PDU

A bogus (or hostile) Proximity Reporter device may send a TX Power value
bigger than the buffer used. Therefore, create a temporary buffer with
the maximum size, and check for the length before using the value.

Note that all other current users of the dec_read_resp() already do
this. Another option would be to change dec_read_resp() to accept a
buffer length, but this would break external code, so it is avoided for
now.
proximity/monitor.c diff | blob | history
external/bluetooth/bluez
About OSDN
Find Software
Develop Software
Help