Fix memory overflow.
Bug: 180939982
Merged-In: I1be3b836e09901c9cc614b02e21ae41b9a1ebfac
Change-Id: I1be3b836e09901c9cc614b02e21ae41b9a1ebfac
(cherry picked from commit 0d93359dbbe99da62528b236ba4a9ab92f06c6af)
diff --git a/stack/btm/btm_acl.cc b/stack/btm/btm_acl.cc
index 72239d9..2c7bebd 100644
--- a/stack/btm/btm_acl.cc
+++ b/stack/btm/btm_acl.cc
@@ -1613,7 +1613,7 @@
/* Make sure we don't exceed max port range.
* Stack reserves scn 1 for HFP, HSP we still do the correct way.
*/
- if ((scn >= BTM_MAX_SCN) || (scn == 1)) return false;
+ if ((scn >= BTM_MAX_SCN) || (scn == 1) || (scn == 0)) return false;
/* check if this port is available */
if (!btm_cb.btm_scn[scn - 1]) {
@@ -1635,7 +1635,7 @@
******************************************************************************/
bool BTM_FreeSCN(uint8_t scn) {
BTM_TRACE_DEBUG("BTM_FreeSCN ");
- if (scn <= BTM_MAX_SCN) {
+ if (scn <= BTM_MAX_SCN && scn > 0) {
btm_cb.btm_scn[scn - 1] = false;
return (true);
} else {