Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit c99c43f7 authored by Keith Mok's avatar Keith Mok
Browse files

Fix interger overflow when parsing avrc response 

Convert min_len from 16 bits to 32 bits to avoid
length checking overflow.
Also, use calloc instead of malloc for list allocation
since caller need to clean up string memory in the list items

Bug: 242459126
Test: fuzz_avrc
Tag: #security
Ignore-AOSP-First: Security
Merged-In: I7250509f2b320774926a8b24fd28828c5217d8a4
Change-Id: I7250509f2b320774926a8b24fd28828c5217d8a4
(cherry picked from commit 0a25f097)
parent 1ecc7c64
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment