diff options
author | Cho, Yu-Chen <acho@suse.com> | 2018-10-31 16:15:07 +0800 |
---|---|---|
committer | Luiz Augusto von Dentz <luiz.von.dentz@intel.com> | 2018-11-02 12:54:55 +0200 |
commit | 01146fff6e66742b5e256cf7cbae3e0d7f30c530 (patch) | |
tree | 6614fd6ee2768b416652f39d291ecd6c509fa24d /tools/parser | |
parent | 70692b7e936cb430410a0fff67407e3a13ff613d (diff) | |
download | bluez-01146fff6e66742b5e256cf7cbae3e0d7f30c530.tar.gz |
hcidump:fixed hci frame dump stack-buffer-overflow
hci_dump() didn't check the length of frame, and it would be
a stack-buffer-overflow error.
Diffstat (limited to 'tools/parser')
-rw-r--r-- | tools/parser/hci.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/tools/parser/hci.c b/tools/parser/hci.c index 8c7bd2581..4e6c36040 100644 --- a/tools/parser/hci.c +++ b/tools/parser/hci.c @@ -4107,6 +4107,9 @@ void hci_dump(int level, struct frame *frm) frm->ptr++; frm->len--; + if (frm->len == 0) + return; + switch (type) { case HCI_COMMAND_PKT: command_dump(level, frm); |