Projects
Factory:RISC-V:Base
bluez
_service:tar_scm:backport-CVE-2021-3588.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-CVE-2021-3588.patch of Package bluez
From 9e6889d3b9d8f4dcc1ba57e6345d1efb2fbe1e77 Mon Sep 17 00:00:00 2001 From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Date: Mon, 4 Jan 2021 10:41:53 -0800 Subject: [PATCH] gatt: Fix potential buffer out-of-bound When client features is read check if the offset is within the cli_feat bounds. Fixes: https://github.com/bluez/bluez/issues/70 --- src/gatt-database.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/gatt-database.c b/src/gatt-database.c index c11d14b..a6530ba 100644 --- a/src/gatt-database.c +++ b/src/gatt-database.c @@ -1082,6 +1082,11 @@ static void cli_feat_read_cb(struct gatt_db_attribute *attrib, goto done; } + if (offset >= sizeof(state->cli_feat)) { + ecode = BT_ATT_ERROR_INVALID_OFFSET; + goto done; + } + len = sizeof(state->cli_feat) - offset; value = len ? &state->cli_feat[offset] : NULL; -- 2.23.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2