search

paypal / gatt

Gatt is a Go package for building Bluetooth Low Energy peripherals
BSD 3-Clause "New" or "Revised" License
1.12k stars 283 forks source link

Fix crash #102

Closed fcrisciani closed 5 years ago

fcrisciani commented 5 years ago

Considering the case where len(b) == 2 First check line 92: len(b) < 2 will pass Line 96: len(b) < int(1+l) can still pass if l == 1 or 0 Line 99: b[2: 1+l] will crash with 2 possible signatures if l == 1, index out of bound because right bound is 3 more than length if l == 0, invalid slice index, right bound < left bound

The fix takes care of avoiding these 2 conditions checking the bounds Note: result of line 99 can still be an empty slice

Signed-off-by: Flavio Crisciani f.crisciani@gmail.com

roylee17 commented 5 years ago

Hello,

Thanks for the contribution, but this repo hasn't been maintained for a while.

The efforts have been continued by the community at:

https://github.com/go-ble/ble

fcrisciani commented 5 years ago

ok great, will push it there then