Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / kernel / common / ee6493462f74013c6f365429401b716500aff838
commitee6493462f74013c6f365429401b716500aff838[log] [tgz]
authorChriz Chow <cmcvista@gmail.com>Fri Apr 20 15:46:24 2018 +0800
committerMarcel Holtmann <marcel@holtmann.org>Fri May 18 06:37:51 2018 +0200
tree29fed836bb393f20e99c2e3c9f3876db58602144
parent2cc6d0794cbab470b2d82d5a7547c865fd61e0f3 [diff]
Bluetooth: Prevent buffer overflow for large advertisement data

There are some controllers sending out advertising data with illegal
length value which is longer than HCI_MAX_AD_LENGTH, causing the
buffer last_adv_data overflows. To avoid these controllers from
overflowing the buffer, we do not process the advertisement data
if its length is incorrect.

Signed-off-by: Chriz Chow <chriz.chow@aminocom.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
1 file changed
tree: 29fed836bb393f20e99c2e3c9f3876db58602144
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. samples/
  18. scripts/
  19. security/
  20. sound/
  21. tools/
  22. usr/
  23. virt/
  24. .clang-format
  25. .cocciconfig
  26. .get_maintainer.ignore
  27. .gitattributes
  28. .gitignore
  29. .mailmap
  30. COPYING
  31. CREDITS
  32. Kbuild
  33. Kconfig
  34. MAINTAINERS
  35. Makefile
  36. README