OSDN Git Service
(root)
/
android-x86
/
system-bt.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
d3b4884
)
DO NOT MERGE HID Host: Check L2CAP packet data length
author
Hansong Zhang
<hsz@google.com>
Thu, 7 Jun 2018 21:18:22 +0000
(14:18 -0700)
committer
Max Spector
<mspector@google.com>
Fri, 20 Jul 2018 20:53:34 +0000
(13:53 -0700)
Bug:
80493272
Test: manual
Change-Id: I8b1acd11616684729752195fabb4fa34c46a508d
(cherry picked from commit
4344cfb76ad4c1c660d00a7b306acccde9bdef77
)
stack/hid/hidh_conn.c
patch
|
blob
|
history
diff --git
a/stack/hid/hidh_conn.c
b/stack/hid/hidh_conn.c
index
ffbafe4
..
39ba8bc
100644
(file)
--- a/
stack/hid/hidh_conn.c
+++ b/
stack/hid/hidh_conn.c
@@
-29,6
+29,7
@@
#include "bt_common.h"
#include "bt_types.h"
+#include "log/log.h"
#include "l2cdefs.h"
#include "l2c_api.h"
@@
-820,6
+821,13
@@
static void hidh_l2cif_data_ind (UINT16 l2cap_cid, BT_HDR *p_msg)
return;
}
+ if (p_msg->len < 1)
+ {
+ HIDH_TRACE_WARNING ("HID-Host Rcvd L2CAP data, invalid length");
+ osi_free(p_msg);
+ android_errorWriteLog(0x534e4554, "80493272");
+ return;
+ }
ttype = HID_GET_TRANS_FROM_HDR(*p_data);
param = HID_GET_PARAM_FROM_HDR(*p_data);
OSDN Git Service
