Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ecc14466 authored by Brian Delwiche's avatar Brian Delwiche Committed by Android Build Coastguard Worker
Browse files

Fix buffer overflow in BRSF 

bta_hf_client_at does not properly check bounds on its inputs,
allowing a buffer overflow when fed a buffer that is more than
twice the expected maximum size.  Add a new bounds check to
enforce, and a new security test to validate.

Bug: 231156521
Test: atest BtaHfClientSecurityTest
Tag: #security
Ignore-AOSP-First: Security

(cherry picked from commit f8adec66)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:691f010f3d2b4b4d1414f38a5dbf0cae7dae68a3)
Merged-In: I2cf89a786ba7cd0423eaccd8082bd824ac2f0d43
Change-Id: I2cf89a786ba7cd0423eaccd8082bd824ac2f0d43
parent 3413e114
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment