Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 5409196d authored by Brian Delwiche's avatar Brian Delwiche
Browse files

Harden array bounds validation 

Several bounds checks in btif_rc.cc are not validated against
AVRC_MAX_APP_ATTR_SIZE, leading to a potential buffer overflow when
processing AVRCP responses exceeding that length.

This is a patch from Qualcomm which has been adapted to T.

Bug: 261468700
Test: atest bluetooth_test_gd_unit
Tag: #security
Ignore-AOSP-First: Security
Change-Id: Ia71c9f22fa3eb0d2c2b50bf751a873a78919c38f
parent e6d1eec3
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment