Re: [PATCH] unit/avrcp: Fix possible buffer overflow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Andrei,

On Wed, Mar 19, 2014 at 2:26 PM, Andrei Emeltchenko
<Andrei.Emeltchenko.news@xxxxxxxxx> wrote:
> From: Andrei Emeltchenko <andrei.emeltchenko@xxxxxxxxx>
>
> Parameter passed needs to be of size number otherwise there is buffer
> overflow.
> ---
>  unit/test-avrcp.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/unit/test-avrcp.c b/unit/test-avrcp.c
> index 02f9949..1368933 100644
> --- a/unit/test-avrcp.c
> +++ b/unit/test-avrcp.c
> @@ -402,10 +402,15 @@ static int get_attribute_text(struct avrcp *session, uint8_t transaction,
>                                         uint8_t number, uint8_t *attrs,
>                                         void *user_data)
>  {
> -       const char *text[] = { "equalizer" };
> +       const char *text[number];
>
>         DBG("");
>
> +       if (number) {
> +               memset(text, 0, number);
> +               text[0] = "equalizer";
> +       }
> +
>         avrcp_get_player_attribute_text_rsp(session, transaction, number, attrs,
>                                                                         text);
>
> --
> 1.8.3.2

Pushed.


-- 
Luiz Augusto von Dentz
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux