Skip to content
Snippets Groups Projects
Commit a714943f authored by Hui Peng's avatar Hui Peng
Browse files

Fix a few OOB bugs in avrc_bld_get_folder_items_rsp 

This CL fixes the following 3 bugs:
1. Integer underflow triggered by malicious MTU from peer device
2. Integer overflow caused by maliciously long item names
3. Bug caused by typo: item_len_left -> attribute_len_left

Bug: 242994452
Tag: #security
Ignore-AOSP-First: security
Test: manual
Change-Id: I0d2af48b7eb3469d9d1923910e4facc8f2cdbc95
parent e8779817
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment