hci_dump() didn't check the length of frame, and it would be
a stack-buffer-overflow error.
Signed-off-by: Cho, Yu-Chen <acho@xxxxxxxx>
---
tools/parser/hci.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tools/parser/hci.c b/tools/parser/hci.c
index 8c7bd2581..4e6c36040 100644
--- a/tools/parser/hci.c
+++ b/tools/parser/hci.c
@@ -4107,6 +4107,9 @@ void hci_dump(int level, struct frame *frm)
frm->ptr++; frm->len--;
+ if (frm->len == 0)
+ return;
+
switch (type) {
case HCI_COMMAND_PKT:
command_dump(level, frm);
--
2.19.1
