Re: [PATCH] Bluetooth: btintel_pcie: validate RX packet length against buffer size

Next message: Pei Xiao: "[PATCH 2/2] spi: hisi-kunpeng: Add timeout warning in FIFO flush function"
Previous message: Pei Xiao: "[PATCH 0/2] spi hisi-kunpeng cleanup and fix"
In reply to: Paul Menzel: "Re: [PATCH] Bluetooth: btintel_pcie: validate RX packet length against buffer size"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Junrui Luo

Date: Wed Mar 18 2026 - 23:07:40 EST

Hi Paul,

Thanks for the review.

On Wed, Mar 18, 2026 at 10:12:35AM +0100, Paul Menzel wrote:
> Thank you for your patch. It be great if you configured your name in the
> author line – currently it only contains the address:
>
> From: moonafterrain@xxxxxxxxxxx
>
> No idea, why b4 is not doing it.

Sorry about that. I will fix in v2.

> Do you have a reproducer or test case for this issue?

This was found through static analysis. It can be triggered
theoretically by a malicious or broken device.

> As this seems a broken or malicious firmware, no idea, if it’d make sense to
> log it.

Would it make sense to add a bt_dev_warn() to log the invalid
packet_len? If so, I will include it in v2.

Thanks,
Junrui Luo