[PATCH] attrib/gatttool: fix possible infinite loop when reading long descriptors/characteristics

["Abel, Robert (TKI-31)" <robert.abel@xxxxxxxxxxxxxxxxx>]

Signed-off-by: Robert Abel <Robert.Abel@xxxxxxxxxxxxxxxxx>
---
 attrib/gatt.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/attrib/gatt.c b/attrib/gatt.c
index 480f87425..e492f9d77 100644
--- a/attrib/gatt.c
+++ b/attrib/gatt.c
@@ -35,6 +35,7 @@
 #include "lib/sdp_lib.h"
 #include "lib/uuid.h"

+#include "src/shared/att-types.h"
 #include "src/shared/util.h"
 #include "att.h"
 #include "gattrib.h"
@@ -784,6 +785,9 @@ static void read_blob_helper(guint8 status, const guint8 *rpdu, guint16 rlen,
        long_read->buffer = tmp;
        long_read->size += rlen - 1;

+       if (long_read->size >= BT_ATT_MAX_VALUE_LEN)
+               goto done;
+
        buf = g_attrib_get_buffer(long_read->attrib, &buflen);
        if (rlen < buflen)
                goto done;
--
2.15.0.windows.1

��.n��������+%������w��{.n�����{����^n�r������&��z�ޗ�zf���h���~����������_��+v���)ߣ�