Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit efa5f4ef authored by Brian Delwiche's avatar Brian Delwiche Committed by Android Build Coastguard Worker
Browse files

Fix type confusion in avdt_msg.cc 

It is possible for a malicious user to reply to a pending AVDT message
with the wrong type, leading to type confusion and an eventual OOB
access.

Add message type validation.

Bug: 273995284
Test: m libbluetooth
Ignore-AOSP-First: security
Tag: #security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2e26233afdfb8ac922ccda257c88ef7546b26d3e)
Merged-In: I87a0df92710658d6c27d9b63ee7813a0d45a301a
Change-Id: I87a0df92710658d6c27d9b63ee7813a0d45a301a
parent b6008f92
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment