Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 3413e114 authored by Brian Delwiche's avatar Brian Delwiche Committed by Android Build Coastguard Worker
Browse files

Harden array bounds validation 

Several bounds checks in btif_rc.cc are not validated against
AVRC_MAX_APP_ATTR_SIZE, leading to a potential buffer overflow when
processing AVRCP responses exceeding that length.

This is a patch from Qualcomm which has been adapted to T.

Bug: 261468700
Test: atest bluetooth_test_gd_unit
Tag: #security
Ignore-AOSP-First: Security
(cherry picked from commit 5409196d)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a879c195cb1a61ac336a0d8b1e4147ef8f015bb0)
Merged-In: Ia71c9f22fa3eb0d2c2b50bf751a873a78919c38f
Change-Id: Ia71c9f22fa3eb0d2c2b50bf751a873a78919c38f
parent e2ee3fb1
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment