Merge "Security fix for out of bound read in p2p_invite" into udc-dev am: f090dd3bae Original change: https://googleplex-android-review.googlesource.com/c/platform/external/wpa_supplicant_8/+/22438192 Change-Id: Ifbe63cb37046a23518d7d2286465ff2d66d48b72 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

commit: 76f752475648fa88b58943472d6f83f702ed14b2 [log] [tgz]
author: Sunil Ravi <sunilravi@google.com> Tue Apr 04 01:57:50 2023 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Tue Apr 04 01:57:50 2023 +0000
tree: 174903a669a87eaf83c3fb980f6273cfcedd4a41
parent: eed3859d5ca68d2325f5c8f990e4de68931226dd [diff]
parent: f090dd3bae4bf8bde22311686b765866de457fa4 [diff]
diff --git a/wpa_supplicant/aidl/p2p_iface.cpp b/wpa_supplicant/aidl/p2p_iface.cpp
index 2afd75b..a48fcb3 100644
--- a/wpa_supplicant/aidl/p2p_iface.cpp
+++ b/wpa_supplicant/aidl/p2p_iface.cpp

@@ -1117,7 +1117,7 @@
 	const std::vector<uint8_t>& peer_address)
 {
 	struct wpa_supplicant* wpa_s = retrieveIfacePtr();
-	if (peer_address.size() != ETH_ALEN) {
+	if (go_device_address.size() != ETH_ALEN || peer_address.size() != ETH_ALEN) {
 		return {createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
 	}
 	if (wpas_p2p_invite_group(
commit	76f752475648fa88b58943472d6f83f702ed14b2	[log] [tgz]
author	Sunil Ravi <sunilravi@google.com>	Tue Apr 04 01:57:50 2023 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	Tue Apr 04 01:57:50 2023 +0000
tree	174903a669a87eaf83c3fb980f6273cfcedd4a41
parent	eed3859d5ca68d2325f5c8f990e4de68931226dd [diff]
parent	f090dd3bae4bf8bde22311686b765866de457fa4 [diff]