tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[AWARE] Protect string copy against buffer overflow am: 5039b6099e

Browse source 
Change-Id: If36fa8b7de6f0b9092e9c7c7f50f6fd8111f6cb3
This commit is contained in:
Automerger Merge Worker 2019-12-19 01:38:38 +00:00
commit d719d5726e
1 changed files with 14 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
wifi/1.3/default/hidl_struct_util.cpp
View file

@ -1819,7 +1819,13 @@ bool convertHidlNanDataPathInitiatorRequestToLegacy(
convertHidlNanDataPathChannelCfgToLegacy(
hidl_request.channelRequestType);
legacy_request->channel = hidl_request.channel;
strcpy(legacy_request->ndp_iface, hidl_request.ifaceName.c_str());
if (strnlen(hidl_request.ifaceName.c_str(), IFNAMSIZ + 1) == IFNAMSIZ + 1) {
LOG(ERROR) << "convertHidlNanDataPathInitiatorRequestToLegacy: "
"ifaceName too long";
return false;
}
strncpy(legacy_request->ndp_iface, hidl_request.ifaceName.c_str(),
IFNAMSIZ + 1);
legacy_request->ndp_cfg.security_cfg =
(hidl_request.securityConfig.securityType !=
NanDataPathSecurityType::OPEN)
@ -1900,7 +1906,13 @@ bool convertHidlNanDataPathIndicationResponseToLegacy(
? legacy_hal::NAN_DP_REQUEST_ACCEPT
: legacy_hal::NAN_DP_REQUEST_REJECT;
legacy_request->ndp_instance_id = hidl_request.ndpInstanceId;
strcpy(legacy_request->ndp_iface, hidl_request.ifaceName.c_str());
if (strnlen(hidl_request.ifaceName.c_str(), IFNAMSIZ + 1) == IFNAMSIZ + 1) {
LOG(ERROR) << "convertHidlNanDataPathIndicationResponseToLegacy: "
"ifaceName too long";
return false;
}
strncpy(legacy_request->ndp_iface, hidl_request.ifaceName.c_str(),
IFNAMSIZ + 1);
legacy_request->ndp_cfg.security_cfg =
(hidl_request.securityConfig.securityType !=
NanDataPathSecurityType::OPEN)