Fix memory overwrite in random number generation code. This overwrite could cause privacy to fail
Project: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/commit/5092dc34 Tree: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/tree/5092dc34 Diff: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/diff/5092dc34 Branch: refs/heads/sterly_refactor Commit: 5092dc34b9c6729fc9f7284aace84fa38f66a8b2 Parents: 37f8bb5 Author: William San Filippo <[email protected]> Authored: Fri Jul 29 08:33:30 2016 -0700 Committer: Sterling Hughes <[email protected]> Committed: Sun Jul 31 21:58:57 2016 -0700 ---------------------------------------------------------------------- net/nimble/controller/src/ble_ll_rand.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/5092dc34/net/nimble/controller/src/ble_ll_rand.c ---------------------------------------------------------------------- diff --git a/net/nimble/controller/src/ble_ll_rand.c b/net/nimble/controller/src/ble_ll_rand.c index c5201f9..8d26f8d 100644 --- a/net/nimble/controller/src/ble_ll_rand.c +++ b/net/nimble/controller/src/ble_ll_rand.c @@ -37,7 +37,8 @@ struct ble_ll_rnum_data struct ble_ll_rnum_data g_ble_ll_rnum_data; uint8_t g_ble_ll_rnum_buf[NIMBLE_OPT_LL_RNG_BUFSIZE]; -#define IS_RNUM_BUF_END(x) (x == &g_ble_ll_rnum_buf[NIMBLE_OPT_LL_RNG_BUFSIZE]) +#define IS_RNUM_BUF_END(x) \ + (x == &g_ble_ll_rnum_buf[NIMBLE_OPT_LL_RNG_BUFSIZE - 1]) void ble_ll_rand_sample(uint8_t rnum)
