Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b7bb2215 authored by Hui Peng's avatar Hui Peng
Browse files

Fix a potential OOB bug in SDP_AddAttribute 

`num_array` is not zero initialized and passed to
`SDP_TRACE_DEBUG` as a string, which dumps the memory
pointed by `num_array` until it sees a zero byte. If
`num_array` (allocated from the stack, containing random
values) does not contain zero byte, OOB access happens.

Bug: 263183883
Test: manual
Tag: #security
Ignore-AOSP-First: Security
Change-Id: Iad4c3a426ab4132787b63321b24ed1d8e07b3973
parent 72c35a1c
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment