From: Andrei Emeltchenko <andrei.emeltchenko@xxxxxxxxx>
Parameter passed needs to be of size number otherwise there is buffer
overflow.
---
unit/test-avrcp.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/unit/test-avrcp.c b/unit/test-avrcp.c
index 02f9949..1368933 100644
--- a/unit/test-avrcp.c
+++ b/unit/test-avrcp.c
@@ -402,10 +402,15 @@ static int get_attribute_text(struct avrcp *session, uint8_t transaction,
uint8_t number, uint8_t *attrs,
void *user_data)
{
- const char *text[] = { "equalizer" };
+ const char *text[number];
DBG("");
+ if (number) {
+ memset(text, 0, number);
+ text[0] = "equalizer";
+ }
+
avrcp_get_player_attribute_text_rsp(session, transaction, number, attrs,
text);
--
1.8.3.2
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
