OSDN Git Service
(root)
/
android-x86
/
system-bt.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
7f2040a
)
HID Host: Check L2CAP packet data length
author
Hansong Zhang
<hsz@google.com>
Thu, 7 Jun 2018 21:25:09 +0000
(14:25 -0700)
committer
Kevin Haggerty
<haggertk@lineageos.org>
Sun, 23 Sep 2018 21:12:56 +0000
(23:12 +0200)
Bug:
80493272
Test: manual
Change-Id: I8b1acd11616684729752195fabb4fa34c46a508d
(cherry picked from commit
ca47a05acb66218ff2123f8d4642961f7f2eb5e2
)
stack/hid/hidh_conn.c
patch
|
blob
|
history
diff --git
a/stack/hid/hidh_conn.c
b/stack/hid/hidh_conn.c
index
96fc5bd
..
82bf3a1
100644
(file)
--- a/
stack/hid/hidh_conn.c
+++ b/
stack/hid/hidh_conn.c
@@
-43,6
+43,7
@@
#include "hidh_int.h"
#include "bt_utils.h"
+#include "log/log.h"
#include "osi/include/osi.h"
#include "device/include/interop.h"
@@
-859,6
+860,14
@@
static void hidh_l2cif_data_ind (UINT16 l2cap_cid, BT_HDR *p_msg)
return;
}
+ if (p_msg->len < 1)
+ {
+ HIDH_TRACE_WARNING("Rcvd L2CAP data, invalid length %d, should be >= 1",
+ p_msg->len);
+ osi_free(p_msg);
+ android_errorWriteLog(0x534e4554, "80493272");
+ return;
+ }
ttype = HID_GET_TRANS_FROM_HDR(*p_data);
param = HID_GET_PARAM_FROM_HDR(*p_data);
OSDN Git Service
