Diff between b2b4716b3c78c479bebd5a6d2d186bbc351aeff3 and fba18071c6d9fc3bfc1685f33a7ee687ec3b7eb0
Changed Files
| File | Additions | Deletions | Status |
| emulator/bthost.c | +6 | -1 | modified |
Full Patch
diff --git a/emulator/bthost.c b/emulator/bthost.c
index f92b479..2cd79bc 100644
--- a/emulator/bthost.c
+++ b/emulator/bthost.c
@@ -1604,7 +1604,12 @@ static void rfcomm_disc_recv(struct bthost *bthost, struct btconn *conn,
uint16_t len)
{
const struct rfcomm_cmd *hdr = data;
- uint8_t dlci = RFCOMM_GET_DLCI(hdr->address);
+ uint8_t dlci;
+
+ if (len < sizeof(*hdr))
+ return;
+
+ dlci = RFCOMM_GET_DLCI(hdr->address);
rfcomm_ua_send(bthost, conn, l2conn, 0, dlci);
}
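Review bot: The new guard in rfcomm_disc_recv returns silently on a short frame, so a truncated DISC is dropped with no trace and no explanation in the code; a comment above the check such as `/* Drop truncated frames: hdr->address must not be read beyond len */` would record why the early return exists. The check itself does cover the `hdr->address` read that follows it. The other RFCOMM receive handlers are outside this hunk; if they cast `data` to `const struct rfcomm_cmd *` in the same way, they presumably need the same `len < sizeof(*hdr)` test, and doing it once in the caller that dispatches on frame type would avoid repeating it per handler. The function's signature starts above the hunk, so the types of `data` and `l2conn` are not visible here.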