Fix an OOB bug in parse_gap_data Bug: 277590580 bug: 275553827 Test: atest net_test_main_shim Ignore-AOSP-First: security Tag: #security (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0d7e3d8fd96389f1435b76f37064c69ae61df6e7) Merged-In: I7fcb7c46f668f48560a72399a3c5087c6da3827f Change-Id: I7fcb7c46f668f48560a72399a3c5087c6da3827f

commit: a218e5be5e4049eae3b321f2a535a128d65d00b6 [log] [tgz]
author: Hui Peng <phui@google.com> Mon Aug 21 10:40:17 2023 -0700
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> Wed Oct 11 22:50:36 2023 +0000
tree: 023cc8090d2e526f947bd90b9e6272dc27b7b700
parent: ea81185c89097500559d61b3d49fb9633899e848 [diff]
diff --git a/system/main/shim/utils.cc b/system/main/shim/utils.cc index dcf1725..9f18ddc 100644 --- a/system/main/shim/utils.cc +++ b/system/main/shim/utils.cc 
@@ -25,6 +25,10 @@  hci::GapData gap_data;  uint8_t len = raw_data[offset];   + if (offset + len + 1 > raw_data.size()) { + break; + } +  auto begin = raw_data.begin() + offset;  auto end = begin + len + 1; // 1 byte for len  auto data_copy = std::make_shared<std::vector<uint8_t>>(begin, end);
commit	a218e5be5e4049eae3b321f2a535a128d65d00b6	[log] [tgz]
author	Hui Peng <phui@google.com>	Mon Aug 21 10:40:17 2023 -0700
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	Wed Oct 11 22:50:36 2023 +0000
tree	023cc8090d2e526f947bd90b9e6272dc27b7b700
parent	ea81185c89097500559d61b3d49fb9633899e848 [diff]