As param_size is included in apr header pkt_size, out of
bounds access occurs in glink. Remove the param size addition
to fix this issue.
CRs-Fixed:
2472208
Change-Id: If8b34aeacd3bc9ba67ac9276eb1a8ebf0933f9f9
Signed-off-by: Aditya Bavanari <abavanar@codeaurora.org>
afe_get_param.apr_hdr.hdr_field =
APR_HDR_FIELD(APR_MSG_TYPE_SEQ_CMD, APR_HDR_LEN(APR_HDR_SIZE),
APR_PKT_VER);
- afe_get_param.apr_hdr.pkt_size = sizeof(afe_get_param) + param_size;
+ afe_get_param.apr_hdr.pkt_size = sizeof(afe_get_param);
afe_get_param.apr_hdr.src_port = 0;
afe_get_param.apr_hdr.dest_port = 0;
afe_get_param.apr_hdr.token = index;