summaryrefslogtreecommitdiffstats
Commit message (Expand)AuthorAgeFilesLines
* Fix potential stack overflow caused by integer overflowcm-14.1Jakub Pawlowski2020-05-071-1/+2
* GattServcer: Check invalid offsetHansong Zhang2020-05-071-0/+7
* SDP: add return after SDP disconnectionZongheng Wang2020-02-051-0/+2
* Fix potential OOB write in btm_read_remote_ext_features_completeTed Wang2020-02-054-7/+31
* GAP: Correct the continuous pkt length in l2capVenkata Jagadeesh Garaga2020-02-051-1/+2
* fix -Wdangling-gslNick Desaulniers2020-01-071-2/+2
* JustWorks: Auto-accept only incoming temporary pairing.Martin Brabham2019-12-031-0/+17
* SDP: Disconnect when there is a bad lengthZongheng Wang2019-12-031-0/+1
* Use memcpy instead of casting to convert device_class to intRahul Sabnis2019-12-032-16/+27
* SDP: disconnect if sdp_copy_raw_data failsZongheng Wang2019-12-031-6/+15
* DO NOT MERGE: btif: require pairing dialog for JustWorks SSPMartin Brabham2019-12-031-25/+0
* DO NOT MERGE Store BLE keys using the address from the ble_auth_cmpl_evtUgo Yu2019-11-052-7/+3
* DO NOT MERGE Fix for Bluetooth connection being dropped after HCI Read Encryp...Jakub Pawlowski2019-08-071-0/+18
* DO NOT MERGE Send HCI Read Encryption Key properlyJakub Pawlowski2019-08-071-1/+4
* DO NOT MERGE Drop Bluetooth connection with weak encryption keyJakub Pawlowski2019-08-075-4/+112
* Fix potential OOB read in sdpu_get_len_from_typeTed Wang2019-07-034-12/+52
* DO NOT MERGE Don't persist bonds using sample LTKJakub Pawlowski2019-06-063-0/+72
* btm_proc_smp_cback: Don't access p_dev_rec if freedHansong Zhang2019-04-041-0/+7
* process_l2cap_cmd: Fix OOBHansong Zhang2019-04-042-12/+63
* DO NOT MERGE A security fix to check buffer length in l2c_lcc_proc_pduStanley Tng2019-03-041-2/+13
* Fix potential usage of freed memory in btif_hl_proc_sdp_query_cfmJakub Pawlowski2019-02-212-5/+5
* Fix buffer overflow in btif_dm_data_copyJakub Pawlowski2019-02-212-50/+44
* Fix possible OOB when AVDT data channel recive ACL dataUgo Yu2019-02-071-3/+57
* MCAP: Check response length in mca_ccb_hdl_rspMyles Watson2019-01-181-3/+17
* HH: Check parameter length in bta_hh_ctrl_dat_actMyles Watson2019-01-181-0/+8
* SDP: Check p_end in save_attr_seq and add_attrMyles Watson2019-01-181-13/+20
* HFP: Check AT command buffer boundary during parsingChienyuan2019-01-185-22/+54
* Fix possible OOB readJakub Pawlowski2018-12-041-0/+12
* DO NOT MERGE - Check SDU lower bound before allocate p_dataUgo Yu2018-12-041-0/+7
* Check data length when parsing AVRCP vendor specific command responsesPavlin Radoslavov2018-11-121-2/+39
* AVRCP: unify Get{Element,Item}Attributes response.Marie Janssen2018-11-124-140/+102
* Check AVRCP data length when parsing inside avrc_ctrl_pars_vendor_rsp()Pavlin Radoslavov2018-11-071-16/+156
* Checks the SMP length to fix OOB readCheney Ni2018-10-081-1/+19
* Add packet length check in smp_proc_master_idUgo Yu2018-10-081-0/+10
* DO NOT MERGE Fix OOB read before buffer length checkUgo Yu2018-10-081-1/+7
* Check packet length in bta_av_proc_meta_cmdChienyuan2018-10-081-1/+8
* Add missing AVRCP message length checks inside avrc_msg_cbackPavlin Radoslavov2018-10-081-7/+34
* Add packet length checks in mca_ccb_hdl_reqCheney Ni2018-10-081-1/+11
* Fix a wrong check in rfc_parse_dataHansong Zhang2018-10-081-1/+1
* Add bound check for rfc_parse_dataHansong Zhang2018-10-082-8/+13
* Check remaining frame length in rfc_process_mx_messageHansong Zhang2018-10-081-0/+27
* Fix copy length calculation in sdp_copy_raw_dataJakub Pawlowski2018-10-081-0/+8
* Fix OOB read in avrc_ctrl_pars_vendor_rspHansong Zhang2018-10-081-0/+6
* DO NOT MERGE HFP: Fix out of bound access in phone number processingJack He2018-09-231-4/+19
* Don't use Address after it was deletedJakub Pawlowski2018-09-233-24/+30
* HID Host: Check L2CAP packet data lengthHansong Zhang2018-09-231-0/+9
* Add packet length checks in l2cble_process_sig_cmdJakub Pawlowski2018-09-231-0/+41
* Fix OOB read in process_l2cap_cmdHansong Zhang2018-09-231-0/+5
* DO NOT MERGE: SDP: Recalculate param_len after max_list_lenMyles Watson2018-09-071-0/+1
* SDP: return error on offset bigger than atribute lengthJakub Pawlowski2018-09-071-0/+16
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 00:48:05 +0000