Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 286fa983 authored by Venkata Jagadeesh Garaga's avatar Venkata Jagadeesh Garaga Committed by Chris Manton
Browse files

Fix Stack-buffer-over-flow while accessing remote device name 

Issue:
During authentication timeout, if remote device name is invalid.
A two byte placeholder remote name is passed to callback to intimate
authentication failure. Callback is trying to access 248 bytes
of remote device name from the passed remote name which is of
two bytes. Mismatch of length between passed remote name and
accessed remote device name leads to buffer-over-flow

Fix:
Replaced remote device name to an array of 248 bytes from
two bytes array.

Test:Basic bluetooth pairing
Test:gd/cert/run
Bug: 161663998
Tag: #stability
Sponsor:cmanton@

Change-Id: I0f45a0cf4b1a12c874c2c1fe4dc165c76dc5ae90
parent f7f31e4b
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment