Diff between 800257a5aae104ba73c5d299cd350643610998b0 and 3ebf246be6e9fbfe8262473f60f42ce08892c0f9
Changed Files
| File | Additions | Deletions | Status |
| monitor/sdp.c | +4 | -0 | modified |
Full Patch
diff --git a/monitor/sdp.c b/monitor/sdp.c
index 13a8807..36708f4 100644
--- a/monitor/sdp.c
+++ b/monitor/sdp.c
@@ -585,6 +585,10 @@ static void service_rsp(const struct l2cap_frame *frame, struct tid_data *tid)
}
count = get_be16(frame->data + 2);
+ if (count * 4 > frame->size) {
+ print_text(COLOR_ERROR, "invalid record count");
+ return;
+ }
print_field("Total record count: %d", get_be16(frame->data));
print_field("Current record count: %d", count);