Check if there is enough data to continue otherwise return an error.
(CVE-2017-1000250)
Change-Id: I45d44d1bad703fa22af0f1d13cf710686ad64aae
Signed-off-by: DoHyun Pyun <dh79.pyun@samsung.com>
} else {
/* continuation State exists -> get from cache */
sdp_buf_t *pCache = sdp_get_cached_rsp(cstate);
- if (pCache) {
+ if (pCache && cstate->cStateValue.maxBytesSent < pCache->data_size) {
uint16_t sent = MIN(max, pCache->data_size - cstate->cStateValue.maxBytesSent);
pResponse = pCache->data;
memcpy(buf->data, pResponse + cstate->cStateValue.maxBytesSent, sent);