bluez: fix CVE-2017-1000250
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com> bluez: fix CVE-2017-1000250 Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
This commit is contained in:
parent
b56e6504be
commit
de79f4c749
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=bluez
|
||||
PKG_VERSION:=5.38
|
||||
PKG_RELEASE:=1
|
||||
PKG_RELEASE:=2
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
|
||||
PKG_SOURCE_URL:=@KERNEL/linux/bluetooth/
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
diff --git a/src/sdpd-request.c b/src/sdpd-request.c
|
||||
index 1eefdce..318d044 100644
|
||||
--- a/src/sdpd-request.c
|
||||
+++ b/src/sdpd-request.c
|
||||
@@ -917,7 +917,7 @@ static int service_search_attr_req(sdp_req_t *req, sdp_buf_t *buf)
|
||||
} else {
|
||||
/* continuation State exists -> get from cache */
|
||||
sdp_buf_t *pCache = sdp_get_cached_rsp(cstate);
|
||||
- if (pCache) {
|
||||
+ if (pCache && cstate->cStateValue.maxBytesSent < pCache->data_size) {
|
||||
uint16_t sent = MIN(max, pCache->data_size - cstate->cStateValue.maxBytesSent);
|
||||
pResponse = pCache->data;
|
||||
memcpy(buf->data, pResponse + cstate->cStateValue.maxBytesSent, sent);
|
Loading…
Reference in New Issue