Fix memory leak with malformed packet.
---
tools/parser/l2cap.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/tools/parser/l2cap.c b/tools/parser/l2cap.c
index a05796482..8b550f270 100644
--- a/tools/parser/l2cap.c
+++ b/tools/parser/l2cap.c
@@ -1557,6 +1557,12 @@ void l2cap_dump(int level, struct frame *frm)
hdr = frm->ptr;
dlen = btohs(hdr->len);
+ if ((dlen + L2CAP_HDR_SIZE) > (int) frm->len) {
+ /* malformed frame */
+ perror("Read Error");
+ return;
+ }
+
if (dlen + L2CAP_HDR_SIZE < (int) frm->len) {
/* invalid frame */
raw_dump(level,frm);
--
2.16.2
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
