Legacy pairing: Reject device with same BD_ADDR

Change-Id: If3daec91c3d108a4e7e988608e0600c79ea5f053
Tag: #vulnerability
Test: manual
Bug: 174626251
diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc
index 3d5f51c..1831529 100644
--- a/stack/btm/btm_sec.cc
+++ b/stack/btm/btm_sec.cc
@@ -5004,6 +5004,13 @@
   VLOG(2) << __func__ << " BDA: " << p_bda
           << " state: " << btm_pair_state_descr(btm_cb.pairing_state);
 
+  RawAddress local_bd_addr = *controller_get_interface()->get_address();
+  if (p_bda == local_bd_addr) {
+    android_errorWriteLog(0x534e4554, "174626251");
+    btsnd_hcic_pin_code_neg_reply(p_bda);
+    return;
+  }
+
   if (btm_cb.pairing_state != BTM_PAIR_STATE_IDLE) {
     if ((p_bda == btm_cb.pairing_bda) &&
         (btm_cb.pairing_state == BTM_PAIR_STATE_WAIT_AUTH_COMPLETE)) {