LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Add message length check in parseNetlinkErrorMessage"

Browse Source
This commit is contained in:
Motomu Utsumi
2023-05-23 02:03:46 +00:00
committed by Gerrit Code Review
parent c8d1e96a34 2976065935
commit 4b5cf8ec4a
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
staticlibs/device/com/android/net/module/util/netlink/NetlinkUtils.java
View File

@@ -93,6 +93,15 @@ public class NetlinkUtils {
if (nlmsghdr == null || nlmsghdr.nlmsg_type != NetlinkConstants.NLMSG_ERROR) { if (nlmsghdr == null || nlmsghdr.nlmsg_type != NetlinkConstants.NLMSG_ERROR) {
return null; return null;
} }
final int messageLength = NetlinkConstants.alignedLengthOf(nlmsghdr.nlmsg_len);
final int payloadLength = messageLength - StructNlMsgHdr.STRUCT_SIZE;
if (payloadLength < 0 || payloadLength > bytes.remaining()) {
// Malformed message or runt buffer. Pretend the buffer was consumed.
bytes.position(bytes.limit());
return null;
}
return NetlinkErrorMessage.parse(nlmsghdr, bytes); return NetlinkErrorMessage.parse(nlmsghdr, bytes);
} }