mgmt: Fix new_key event content validation
This patch adds some stricter checks for the new_key management
interface event.
diff --git a/plugins/mgmtops.c b/plugins/mgmtops.c
index ed82f8b..51a4c93 100644
--- a/plugins/mgmtops.c
+++ b/plugins/mgmtops.c
@@ -424,20 +424,28 @@
struct controller_info *info;
uint16_t index;
- if (len < sizeof(*ev)) {
- error("Too small new_key event");
+ if (len != sizeof(*ev)) {
+ error("new_key event size mismatch (%zu != %zu)",
+ len, sizeof(*ev));
return;
}
index = btohs(bt_get_unaligned(&ev->index));
- DBG("Controller %u new key of type %u", index, ev->key.type);
+ DBG("Controller %u new key of type %u pin_len %u", index,
+ ev->key.type, ev->key.pin_len);
if (index > max_index) {
error("Unexpected index %u in new_key event", index);
return;
}
+ if (ev->key.pin_len > 16) {
+ error("Invalid PIN length (%u) in new_key event",
+ ev->key.pin_len);
+ return;
+ }
+
info = &controllers[index];
btd_event_link_key_notify(&info->bdaddr, &ev->key.bdaddr,