Google Git
Sign in
android / platform / external / bluetooth / bluedroid / e14a66a5fd4f05817dc7716ca9087678dd220eda
commite14a66a5fd4f05817dc7716ca9087678dd220eda[log] [tgz]
authorSharvil Nanavati <sharvil@google.com>Sun Feb 09 22:21:48 2014 -0800
committerSharvil Nanavati <sharvil@google.com>Tue Feb 11 14:47:41 2014 -0800
tree396aec9ddc6cf739129872507891fc085056c525
parenta5df8e122f4f322d9d1d4e9c14bf998ff2e3406a [diff]
Don't leak process-private data on Change Local Name command.

The Change Local Name command to the controller doesn't zero out
the contents of the command buffer before setting the contents. As
a result, the controller sees both the new device name and then
random data left over on the heap from previous operations. This
random data may contain sensitive information. Although the device
name is null-terminated, a controller may inadvertently leak the
additional information over the network.

This change fixes the behaviour by zeroing out the entire command
buffer before copying the device name into it. If the device name
doesn't occupy the entire buffer, the rest of it will be zero.

http://b/12949068

Change-Id: I4dd6ce6dd6709589fcd1e23f974db820820bc8e1
1 file changed
tree: 396aec9ddc6cf739129872507891fc085056c525
  1. audio_a2dp_hw/
  2. bta/
  3. btif/
  4. conf/
  5. embdrv/
  6. gki/
  7. hci/
  8. include/
  9. main/
  10. stack/
  11. test/
  12. tools/
  13. udrv/
  14. utils/
  15. Android.mk
  16. CleanSpec.mk