Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ee96c03e authored by Josh Wu's avatar Josh Wu
Browse files

Security: Fix out of bound read in AT_SKIP_REST 

Bug: 220732646
Test: build
Tag: #security
Ignore-AOSP-First: Security bug
Change-Id: Ia49f26e4979f9e57c448190a52d0d01b70e342c4
parent 284ad163

system/bta/hf_client/bta_hf_client_at.cc

+3 −3
Original line number Original line Diff line number Diff line
@@ -818,7 +818,7 @@ void bta_hf_client_binp(tBTA_HF_CLIENT_CB* client_cb, char* number) { 
/* skip rest of AT string up to <cr> */

/* skip rest of AT string up to <cr> */

#define AT_SKIP_REST(buf)                             \

#define AT_SKIP_REST(buf)                             \

  do {                                                \

  do {                                                \

    while (*(buf) != '\r') (buf)++; \

    while (*(buf) != '\r' && *(buf) != '\0') (buf)++; \

  } while (0)

  } while (0)





static char* bta_hf_client_parse_ok(tBTA_HF_CLIENT_CB* client_cb,

static char* bta_hf_client_parse_ok(tBTA_HF_CLIENT_CB* client_cb,