| commit | 34e4630ad2242c3518de409c1518f1d263a79d2e | [log] [tgz] |
|---|---|---|
| author | Sunil Ravi <sunilravi@google.com> | Tue Apr 04 23:50:56 2023 +0000 |
| committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | Tue Apr 04 23:50:56 2023 +0000 |
| tree | 33d110575d66073589fe80943978c10d846e72d5 | |
| parent | 7fd1479b85c67c0bec8c9e414ab544b22f272432 [diff] | |
| parent | 1d9ae9a55470b894973457e3a4892a8820ca1bd7 [diff] |
Security fix for out of bound read in p2p_invite am: 1d9ae9a554 Original change: https://googleplex-android-review.googlesource.com/c/platform/external/wpa_supplicant_8/+/22442334 Change-Id: I80039e074a385280d2c98bc78cbfb05bfad544cd Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/wpa_supplicant/aidl/p2p_iface.cpp b/wpa_supplicant/aidl/p2p_iface.cpp index b0a2dbf..adfd0dd 100644 --- a/wpa_supplicant/aidl/p2p_iface.cpp +++ b/wpa_supplicant/aidl/p2p_iface.cpp
@@ -1405,7 +1405,7 @@ const std::vector<uint8_t>& peer_address) { struct wpa_supplicant* wpa_s = retrieveIfacePtr(); - if (peer_address.size() != ETH_ALEN) { + if (go_device_address.size() != ETH_ALEN || peer_address.size() != ETH_ALEN) { return {createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)}; } if (wpas_p2p_invite_group(