Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit ecc14466 authored by Brian Delwiche's avatar Brian Delwiche Committed by Android Build Coastguard Worker
Browse files

Fix buffer overflow in BRSF 

bta_hf_client_at does not properly check bounds on its inputs,
allowing a buffer overflow when fed a buffer that is more than
twice the expected maximum size.  Add a new bounds check to
enforce, and a new security test to validate.

Bug: 231156521
Test: atest BtaHfClientSecurityTest
Tag: #security
Ignore-AOSP-First: Security

(cherry picked from commit f8adec66)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:691f010f3d2b4b4d1414f38a5dbf0cae7dae68a3)
Merged-In: I2cf89a786ba7cd0423eaccd8082bd824ac2f0d43
Change-Id: I2cf89a786ba7cd0423eaccd8082bd824ac2f0d43
parent 3413e114
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment