Skip to content
Commit e6d27c77 authored by Lingao Meng's avatar Lingao Meng Committed by Carles Cufí
Browse files

Bluetooth: Host: Fix ATT security vulnerabilities 



When the client receives att error rsp, but the error code
is an illegal value, such as 0, an exception will be triggered.

gatt_read_type --> gatt_read_type_rsp --> parse_characteristic

`switch (rsp->len) {` null address access.

Signed-off-by: default avatarLingao Meng <menglingao@xiaomi.com>
parent 7420bb52
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment

CRA Git | Maintained and supported by SUSTech CRA and CCSE