Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 274ab2a3 authored by Abhinav Kumar's avatar Abhinav Kumar
Browse files

prima: Fix possible OOB read in ProcDnldRsp 

In ProcDnldRsp, pHdr->sBufSize is coming from fw message
which could not be trusted. Before its use ProcDnldRsp
should verify it against its max allowed size (UINT_MAX).

Fix is to add a sanity check for pHdr->sBufSize against
UINT_MAX before its use.

Change-Id: I6ec970483af860d5e42d6adac640274743f44f1a
CRs-Fixed: 2347297
parent b0f95f51
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment