commit | cba7232db14f6ffceb6813315177ee99c422e343 | [log] [tgz] |
---|---|---|
author | fang.x.chen <fang.x.chen@sonymobile.com> | Mon Nov 07 12:31:10 2016 +0900 |
committer | Andre Eisenbach <eisenbach@google.com> | Tue Dec 06 18:22:38 2016 +0000 |
tree | 038ab28cca81313acf8764bf629ba1ad7e687dcb | |
parent | c99d11b183159f3f72f3c1a1b241ce3983a292dd [diff] |
Fix native crash in nfc_ncif_proc_activate The destination of memcpy is allocated with a predetermined maximum length, but in some cases the length of information being copied is greater than the maximum length of the destination. This is the root cause of crash. Add length check before memcpy to avoid memory overflow Test: Repeat reading and writing tag Bug: 32688507 Change-Id: I09ee3c734e9be38a35b1d48679d74e42e0432d78