Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 5537dc81 authored by Colin Ian King's avatar Colin Ian King Committed by Greg Kroah-Hartman
Browse files

Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow 



[ Upstream commit 713baf3dae8f45dc8ada4ed2f5fdcbf94a5c274d ]

An earlier commit replaced using batostr to using %pMR sprintf for the
construction of session->name. Static analysis detected that this new
method can use a total of 21 characters (including the trailing '\0')
so we need to increase the BTNAMSIZ from 18 to 21 to fix potential
buffer overflows.

Addresses-Coverity: ("Out-of-bounds write")
Fixes: fcb73338 ("Bluetooth: Use %pMR in sprintf/seq_printf instead of batostr")
Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent c0faa638
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment