Merge "Security fix for out of bound read in p2p_invite" into udc-dev

commit: f090dd3bae4bf8bde22311686b765866de457fa4 [log] [tgz]
author: Sunil Ravi <sunilravi@google.com> Tue Apr 04 01:28:37 2023 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> Tue Apr 04 01:28:37 2023 +0000
tree: 174903a669a87eaf83c3fb980f6273cfcedd4a41
parent: c9d5105391dab359c2c45ab1f641b4f2db3d9449 [diff]
parent: 947b5e2ed339224aa5f3751ca3b22370face0967 [diff]
diff --git a/wpa_supplicant/aidl/p2p_iface.cpp b/wpa_supplicant/aidl/p2p_iface.cpp
index 2afd75b..a48fcb3 100644
--- a/wpa_supplicant/aidl/p2p_iface.cpp
+++ b/wpa_supplicant/aidl/p2p_iface.cpp

@@ -1117,7 +1117,7 @@
 	const std::vector<uint8_t>& peer_address)
 {
 	struct wpa_supplicant* wpa_s = retrieveIfacePtr();
-	if (peer_address.size() != ETH_ALEN) {
+	if (go_device_address.size() != ETH_ALEN || peer_address.size() != ETH_ALEN) {
 		return {createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
 	}
 	if (wpas_p2p_invite_group(
commit	f090dd3bae4bf8bde22311686b765866de457fa4	[log] [tgz]
author	Sunil Ravi <sunilravi@google.com>	Tue Apr 04 01:28:37 2023 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	Tue Apr 04 01:28:37 2023 +0000
tree	174903a669a87eaf83c3fb980f6273cfcedd4a41
parent	c9d5105391dab359c2c45ab1f641b4f2db3d9449 [diff]
parent	947b5e2ed339224aa5f3751ca3b22370face0967 [diff]