Hi Lizardo,

On Thu, Jan 24, 2013, Anderson Lizardo wrote:
> On Thu, Jan 24, 2013 at 4:21 PM, Anderson Lizardo
> <anderson.lizardo@xxxxxxxxxxxxx> wrote:
> > Hi Johan,
> >
> > On Thu, Jan 24, 2013 at 3:03 PM, Johan Hedberg <johan.hedberg@xxxxxxxxx> wrote:
> >> +static u8 *create_uuid16_list(struct hci_dev *hdev, u8 *data, ptrdiff_t len)
> >> +{
> >> + u8 *ptr = data, *uuids_start = NULL;
> >> + struct bt_uuid *uuid;
> >
> > Maybe you should check for "len < 2" here?
>
> Actually, "len < 4", to be able to fit at least a 16-bit UUID.

The way the EIR is constructed right now it's impossible for this
condition to be met (i.e. the only variable length field before the
UUID-16 list is the name which we limit to 48 bytes). Anyway, in case we
add more stuff to the beginning of the EIR in the future I agree that
it's good to have this check in place so we avoid stupid bugs. I'll be
sending a v2 of the set (also including a simplification to the first
patch) soon.

Johan
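Review bot: `len` arrives as a signed `ptrdiff_t` and the visible opening of create_uuid16_list() goes straight from the declarations of `ptr`, `uuids_start` and `uuid` without testing it. A guard at the top such as `if (len < 4) return ptr;` would cover both the too-small case raised in the thread and a negative remainder, and it leaves the caller's write pointer unchanged because the function already returns `u8 *`. A one-line comment spelling out the 4 (length byte, type byte, one 16-bit UUID) would keep the constant from looking arbitrary if more fields are later placed ahead of the list.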
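The length guard discussed in this thread, as an added userspace example (not code from the patch or the kernel): `append_uuid16_list` and `demo` are hypothetical names, the UUID values are constructed, and 0x02/0x03 are the EIR type codes for a partial and a complete 16-bit UUID list.

```c
#include <stddef.h>
#include <stdint.h>

#define EIR_UUID16_SOME 0x02 /* incomplete list of 16-bit service UUIDs */
#define EIR_UUID16_ALL  0x03 /* complete list of 16-bit service UUIDs */

/* Hypothetical helper: append a UUID-16 list field to an EIR buffer that
 * has `len` bytes left at `data`. Returns the new write pointer, or `data`
 * unchanged when the field cannot hold even one UUID. */
static uint8_t *append_uuid16_list(uint8_t *data, ptrdiff_t len,
				   const uint16_t *uuids, size_t count)
{
	uint8_t *ptr = data, *field = NULL;

	/* length byte + type byte + one 2-byte UUID; also rejects len < 0 */
	if (len < 4)
		return ptr;

	for (size_t i = 0; i < count; i++) {
		if (!field) {
			field = ptr;
			field[0] = 1; /* field length so far: the type byte */
			field[1] = EIR_UUID16_ALL;
			ptr += 2;
		}
		/* No room for the next UUID: mark the list partial and stop */
		if ((ptr - data) + (ptrdiff_t)sizeof(uint16_t) > len) {
			field[1] = EIR_UUID16_SOME;
			break;
		}
		*ptr++ = (uint8_t)(uuids[i] & 0xff); /* little-endian */
		*ptr++ = (uint8_t)(uuids[i] >> 8);
		field[0] += (uint8_t)sizeof(uint16_t);
	}
	return ptr;
}

/* Constructed demo: offer only `space` bytes of a 16-byte buffer filled
 * with 0xAA canaries and return how many bytes were written. */
static int demo(ptrdiff_t space, uint8_t out[16])
{
	static const uint16_t uuids[] = { 0x110a, 0x110b, 0x111e }; /* constructed */
	for (int i = 0; i < 16; i++) out[i] = 0xAA;
	return (int)(append_uuid16_list(out, space, uuids, 3) - out);
}

int main(void) { uint8_t b[16]; return demo(4, b) == 4 ? 0 : 1; }
```

Without the `len < 4` guard, a remainder of 2 or 3 bytes would leave a header-only field with no UUIDs, and a remainder of 0 or 1 would write the two header bytes past the space offered.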