Fix type confusion in avdt_msg.cc
It is possible for a malicious user to reply to a pending AVDT message with the wrong type, leading to type confusion and an eventual OOB access. Add message type validation. Bug: 273995284 Test: m libbluetooth Ignore-AOSP-First: security Tag: #security (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2e26233afdfb8ac922ccda257c88ef7546b26d3e) Merged-In: I87a0df92710658d6c27d9b63ee7813a0d45a301a Change-Id: I87a0df92710658d6c27d9b63ee7813a0d45a301a
Loading
Please register or sign in to comment