---
android/gatt.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/android/gatt.c b/android/gatt.c
index 6ac930d..b95962d 100644
--- a/android/gatt.c
+++ b/android/gatt.c
@@ -1272,6 +1272,13 @@ static void handle_client_get_included_service(const void *buf, uint16_t len)
DBG("");
+ if (len != sizeof(*cmd) + (cmd->number * sizeof(cmd->srvc_id[0]))) {
+ error("Invalid get incl services size (%u bytes), terminating",
+ len);
+ raise(SIGTERM);
+ return;
+ }
+
device = find_device_by_conn_id(cmd->conn_id);
if (!device) {
status = HAL_STATUS_FAILED;
--
1.8.4
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
