Hi,
in hci_h4.c, the h4 stack checks the len of the packet given in the header
with h4_check_data_len.
in btuart_cs.c, it doesn't. This could lead to skb_over_panic if the read len is wrong.
I think it could be great if all drivers using h4 could use the same h4
stack.
Thanks
Matthieu
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Bluez-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-devel
Hi Matthieu,
> in hci_h4.c, the h4 stack checks the len of the packet given in the header
> with h4_check_data_len.
> in btuart_cs.c, it doesn't. This could lead to skb_over_panic if the read len is wrong.
>
> I think it could be great if all drivers using h4 could use the same h4
> stack.
this would be great, but unfortunately nobody has done this. Feel free
to send in a patch to make this happen.
Regards
Marcel
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Bluez-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-devel