DO NOT MERGE Fix OOB read before buffer length check Bug: 111936834 Test: manual Change-Id: Ib98528fb62db0d724ebd9112d071e367f78e369d (cherry picked from commit 4548f34c90803c6544f6bed03399f2eabeab2a8e)
diff --git a/stack/smp/smp_act.cc b/stack/smp/smp_act.cc
index 2103776..59045be 100644
--- a/stack/smp/smp_act.cc
+++ b/stack/smp/smp_act.cc
@@ -725,13 +725,17 @@
 uint8_t reason = SMP_INVALID_PARAMETERS;
 SMP_TRACE_DEBUG("%s", __func__);
- p_cb->status = *(uint8_t*)p_data;
 if (smp_command_has_invalid_parameters(p_cb)) {
+ if (p_cb->rcvd_cmd_len < 2) { // 1 (opcode) + 1 (Notif Type) bytes
+ android_errorWriteLog(0x534e4554, "111936834");
+ }
 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason);
 return;
 }
+ p_cb->status = *(uint8_t*)p_data;
+
 if (p != NULL) {
 STREAM_TO_UINT8(p_cb->peer_keypress_notification, p);
 } else {
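Review bot: The relocated `p_cb->status = *(uint8_t*)p_data;` still dereferences `p_data` unconditionally, one statement before the `if (p != NULL)` test, so if `p` is the same pointer (its declaration is above the hunk) the null check is either dead or arrives too late. Either fold the read into the checked branch, e.g. `if (p != NULL) { p_cb->status = *p;`, or drop the null branch if callers guarantee a non-null payload. The bounds fix also rests entirely on `smp_command_has_invalid_parameters()` rejecting a `rcvd_cmd_len` below 2, because the new `< 2` test only decides whether to log; a comment at the moved read such as `// length validated by smp_command_has_invalid_parameters(); first payload byte is in bounds` would record that dependency for the next editor. The function begins and ends outside the hunk.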