Skip to content
Commit 57d1c919 authored by Jaganath Kanakkassery's avatar Jaganath Kanakkassery Committed by Anas Nashif
Browse files

Bluetooth: SDP: Fix possible out of bound memory access 



buf->len should be validated before accessing it since remote can
send invalid frame_len which can result in out of bound memory
access.

This also fix the len check wrt cstate, since current check is
not considering the cstate length size and frame_len size.

Jira: ZEP-2110
Signed-off-by: default avatarJaganath Kanakkassery <jaganathx.kanakkassery@intel.com>
parent e9adcd7e
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment

CRA Git | Maintained and supported by SUSTech CRA and CCSE