Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit f8adec66 authored by Brian Delwiche's avatar Brian Delwiche
Browse files

Fix buffer overflow in BRSF 

bta_hf_client_at does not properly check bounds on its inputs,
allowing a buffer overflow when fed a buffer that is more than
twice the expected maximum size.  Add a new bounds check to
enforce, and a new security test to validate.

Bug: 231156521
Test: atest: BtaHfClientSecurityTest
Tag: #security
Ignore-AOSP-First: Security

Change-Id: I2cf89a786ba7cd0423eaccd8082bd824ac2f0d43
parent 8c63c7c1
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment