Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:seife:testing
bluez
CVE-2016-9804-tool-hcidump-Fix-memory-leak-with...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2016-9804-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch of Package bluez
# Upstream suggests to use btmon instead of hcidump and does not want those patches # => PATCH-FIX-OPENSUSE for those two :-) # fix some memory leak with malformed packet (reported upstream but not yet fixed) From 00f50518f232c758855ac9884a841f707f41a301 Mon Sep 17 00:00:00 2001 From: "Cho, Yu-Chen" <acho@suse.com> Date: Thu, 3 May 2018 18:52:19 +0800 Subject: [PATCH BlueZ] tool/hcidump: Fix memory leak with malformed packet The Supported Commands is a 64 octet bit field. Do not allow to read more then the size. --- tools/parser/csr.c | 5 +++++ 1 file changed, 5 insertions(+) Index: bluez-5.65/tools/parser/csr.c =================================================================== --- bluez-5.65.orig/tools/parser/csr.c +++ bluez-5.65/tools/parser/csr.c @@ -133,6 +133,11 @@ static inline void commands_dump(int lev unsigned char commands[64]; unsigned int i; + if (frm->len > 64) { + perror("Read failed"); + exit(1); + } + memcpy(commands, frm->ptr, frm->len); p_indent(level, frm);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor