This is an automated email from the ASF dual-hosted git repository.
janc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-nimble.git
The following commit(s) were added to refs/heads/master by this push:
new 4e3ac5b6e nimble/host: Add Number Complete Packets event validation
4e3ac5b6e is described below
commit 4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9
Author: Szymon Janc <[email protected]>
AuthorDate: Thu Nov 7 09:44:30 2024 +0100
nimble/host: Add Number Complete Packets event validation
Validate if HCI event received from controller has proper sizes before
passing it to GAP event
---
nimble/host/src/ble_hs_hci_evt.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/nimble/host/src/ble_hs_hci_evt.c b/nimble/host/src/ble_hs_hci_evt.c
index a8b95108b..47430423b 100644
--- a/nimble/host/src/ble_hs_hci_evt.c
+++ b/nimble/host/src/ble_hs_hci_evt.c
@@ -292,6 +292,10 @@ ble_hs_hci_evt_num_completed_pkts(uint8_t event_code,
const void *data,
uint16_t num_pkts;
int i;
+ if (len < sizeof(*ev)) {
+ return BLE_HS_ECONTROLLER;
+ }
+
if (len != sizeof(*ev) + (ev->count * sizeof(ev->completed[0]))) {
return BLE_HS_ECONTROLLER;
}
