Re: [PATCH] Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello:

This patch was applied to bluetooth/bluetooth-next.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>:

On Thu, 22 May 2025 21:16:02 +0300 you wrote:
> In 'mgmt_hci_cmd_sync()', check whether the size of parameters passed
> in 'struct mgmt_cp_hci_cmd_sync' matches the total size of the data
> (i.e. 'sizeof(struct mgmt_cp_hci_cmd_sync)' plus trailing bytes).
> Otherwise, large invalid 'params_len' will cause 'hci_cmd_sync_alloc()'
> to do 'skb_put_data()' from an area beyond the one actually passed to
> 'mgmt_hci_cmd_sync()'.
> 
> [...]

Here is the summary with links:
  - Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands
    https://git.kernel.org/bluetooth/bluetooth-next/c/2ab3abab237b

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux