If CT tries to change an Application Setting providing only one setting, the size of the PDU will be 3 bytes. Therefore we should check if the PDU is shorter than or equal 3, not only shorter. --- audio/avrcp.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/audio/avrcp.c b/audio/avrcp.c index e7b0d1b..ac9a107 100644 --- a/audio/avrcp.c +++ b/audio/avrcp.c @@ -1021,7 +1021,7 @@ static uint8_t avrcp_handle_set_player_value(struct media_player *mp, uint16_t len = ntohs(pdu->params_len); unsigned int i; - if (len < 3) + if (len <= 3) goto err; len = 0; -- 1.7.6.4 -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
