)]}'
{"id":"LineageOS%2Fandroid_system_bt~411006","triplet_id":"LineageOS%2Fandroid_system_bt~lineage-19.1~Icc8209aec68873c9821a36c579cd5df05c6ec8b8","project":"LineageOS/android_system_bt","branch":"lineage-19.1","topic":"S_asb_2024-12","hashtags":[],"change_id":"Icc8209aec68873c9821a36c579cd5df05c6ec8b8","subject":"Fix OOB write in build_read_multi_rsp of gatt_sr.cc","status":"MERGED","created":"2024-12-07 17:38:58.000000000","updated":"2024-12-23 22:53:59.000000000","submitted":"2024-12-23 22:53:59.000000000","submitter":{"_account_id":15173,"name":"Kevin Haggerty","email":"haggertk@lineageos.org","username":"haggertk","avatars":[{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d32","height":32},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d56","height":56},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d100","height":100},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d120","height":120}]},"total_comment_count":0,"unresolved_comment_count":0,"has_review_started":true,"submission_id":"411006-S_asb_2024-12","meta_rev_id":"7efd745b451fe79b67e2e5da4c15fa640b7aa726","_number":411006,"virtual_id_number":411006,"owner":{"_account_id":15173,"name":"Kevin Haggerty","email":"haggertk@lineageos.org","username":"haggertk","avatars":[{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d32","height":32},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d56","height":56},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d100","height":100},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d120","height":120}]},"actions":{},"labels":{"Verified":{"all":[{"value":0,"_account_id":15173,"name":"Kevin Haggerty","email":"haggertk@lineageos.org","username":"haggertk","avatars":[{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d32","height":32},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d56","height":56},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d100","height":100},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d120","height":120}]}],"values":{"-1":"Fails"," 0":"No score","+1":"Verified"},"description":"","default_value":0},"Code-Review":{"all":[{"value":0,"_account_id":15173,"name":"Kevin Haggerty","email":"haggertk@lineageos.org","username":"haggertk","avatars":[{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d32","height":32},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d56","height":56},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d100","height":100},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d120","height":120}]}],"values":{"-2":"Do not submit","-1":"I would prefer that you didn\u0027t submit this"," 0":"No score","+1":"Looks good to me, but someone else must approve","+2":"Looks good to me, approved"},"description":"","default_value":0},"CI":{"all":[{"value":0,"_account_id":15173,"name":"Kevin Haggerty","email":"haggertk@lineageos.org","username":"haggertk","avatars":[{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d32","height":32},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d56","height":56},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d100","height":100},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d120","height":120}]}],"values":{"-1":"Fail"," 0":"No score","+1":"Pass"},"description":"","default_value":0,"optional":true}},"removable_reviewers":[],"reviewers":{},"pending_reviewers":{},"reviewer_updates":[],"messages":[{"id":"f626353a068f3e02ddb004598eb30d9137e90194","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":15173,"name":"Kevin Haggerty","email":"haggertk@lineageos.org","username":"haggertk","avatars":[{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d32","height":32},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d56","height":56},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d100","height":100},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d120","height":120}]},"date":"2024-12-07 17:38:58.000000000","message":"Uploaded patch set 1.","accounts_in_message":[],"_revision_number":1},{"id":"7efd745b451fe79b67e2e5da4c15fa640b7aa726","tag":"autogenerated:gerrit:merged","author":{"_account_id":15173,"name":"Kevin Haggerty","email":"haggertk@lineageos.org","username":"haggertk","avatars":[{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d32","height":32},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d56","height":56},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d100","height":100},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d120","height":120}]},"date":"2024-12-23 22:53:59.000000000","message":"Change has been successfully pushed.","accounts_in_message":[],"_revision_number":2}],"current_revision_number":2,"current_revision":"1f638883d45c8da80154e6e6a32d2f408784f54b","revisions":{"c2d8a89e9d1332cb42440ff82d3fd70cfa749a96":{"kind":"REWORK","_number":1,"created":"2024-12-07 17:38:58.000000000","uploader":{"_account_id":15173,"name":"Kevin Haggerty","email":"haggertk@lineageos.org","username":"haggertk","avatars":[{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d32","height":32},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d56","height":56},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d100","height":100},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d120","height":120}]},"ref":"refs/changes/06/411006/1","fetch":{"anonymous http":{"url":"https://github.com/LineageOS/android_system_bt","ref":"refs/changes/06/411006/1","commands":{"Branch":"git fetch https://github.com/LineageOS/android_system_bt refs/changes/06/411006/1 \u0026\u0026 git checkout -b change-411006 FETCH_HEAD","Checkout":"git fetch https://github.com/LineageOS/android_system_bt refs/changes/06/411006/1 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://github.com/LineageOS/android_system_bt refs/changes/06/411006/1 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://github.com/LineageOS/android_system_bt refs/changes/06/411006/1 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://github.com/LineageOS/android_system_bt refs/changes/06/411006/1","Reset To":"git fetch https://github.com/LineageOS/android_system_bt refs/changes/06/411006/1 \u0026\u0026 git reset --hard FETCH_HEAD"}}},"commit":{"parents":[{"commit":"669ca33f5e7a67cc733e25e72510a9aa3c953933","subject":"RESTRICT AUTOMERGE Disallow unexpected incoming HID connections 1/2","web_links":[{"name":"GitHub","tooltip":"Open in GitWeb","url":"https://github.com/LineageOS/android_system_bt/commit/669ca33f5e7a67cc733e25e72510a9aa3c953933"}]}],"author":{"name":"Brian Delwiche","email":"delwiche@google.com","date":"2024-07-08 22:42:18.000000000","tz":0},"committer":{"name":"Kevin F. Haggerty","email":"haggertk@lineageos.org","date":"2024-12-06 17:44:41.000000000","tz":-420},"subject":"Fix OOB write in build_read_multi_rsp of gatt_sr.cc","message":"Fix OOB write in build_read_multi_rsp of gatt_sr.cc\n\nbuild_read_multi_rsp is missing a bounds check, which can lead to an\nOOB write when the mtu parameter is set to zero.\n\nAdd that bounds check.\n\nBug: 323850943\nTest: atest GattSrTest\nTest: researcher POC\nTag: #security\nFlag: EXEMPT trivial validity checks\nIgnore-AOSP-First: Security\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c177fdbd6189a114239e11e2713740b5a50624e1)\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:f7171d31e247e3367b302374a3a0cf671f50ffcd)\nMerged-In: Icc8209aec68873c9821a36c579cd5df05c6ec8b8\nChange-Id: Icc8209aec68873c9821a36c579cd5df05c6ec8b8\n","web_links":[{"name":"GitHub","tooltip":"Open in GitWeb","url":"https://github.com/LineageOS/android_system_bt/commit/c2d8a89e9d1332cb42440ff82d3fd70cfa749a96"}],"resolve_conflicts_web_links":[{"name":"GitHub","tooltip":"Open in GitWeb","url":"https://github.com/LineageOS/android_system_bt/commit/c2d8a89e9d1332cb42440ff82d3fd70cfa749a96"}]},"branch":"refs/heads/lineage-19.1"},"1f638883d45c8da80154e6e6a32d2f408784f54b":{"kind":"TRIVIAL_REBASE","_number":2,"created":"2024-12-23 22:53:59.000000000","uploader":{"_account_id":15173,"name":"Kevin Haggerty","email":"haggertk@lineageos.org","username":"haggertk","avatars":[{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d32","height":32},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d56","height":56},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d100","height":100},{"url":"https://www.gravatar.com/avatar/258edfac858c1ce5f056ed4ca050a578.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d120","height":120}]},"ref":"refs/changes/06/411006/2","fetch":{"anonymous http":{"url":"https://github.com/LineageOS/android_system_bt","ref":"refs/changes/06/411006/2","commands":{"Branch":"git fetch https://github.com/LineageOS/android_system_bt refs/changes/06/411006/2 \u0026\u0026 git checkout -b change-411006 FETCH_HEAD","Checkout":"git fetch https://github.com/LineageOS/android_system_bt refs/changes/06/411006/2 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://github.com/LineageOS/android_system_bt refs/changes/06/411006/2 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://github.com/LineageOS/android_system_bt refs/changes/06/411006/2 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://github.com/LineageOS/android_system_bt refs/changes/06/411006/2","Reset To":"git fetch https://github.com/LineageOS/android_system_bt refs/changes/06/411006/2 \u0026\u0026 git reset --hard FETCH_HEAD"}}},"commit":{"parents":[{"commit":"361708a2dd7a92528310319724f2cd7d41763209","subject":"Merge cherrypicks of [\u0027googleplex-android-review.googlesource.com/28499736\u0027] into security-aosp-sc-v2-release.","web_links":[{"name":"GitHub","tooltip":"Open in GitWeb","url":"https://github.com/LineageOS/android_system_bt/commit/361708a2dd7a92528310319724f2cd7d41763209"}]}],"author":{"name":"Brian Delwiche","email":"delwiche@google.com","date":"2024-07-08 22:42:18.000000000","tz":0},"committer":{"name":"Android Build Coastguard Worker","email":"android-build-coastguard-worker@google.com","date":"2024-10-09 22:52:40.000000000","tz":0},"subject":"Fix OOB write in build_read_multi_rsp of gatt_sr.cc","message":"Fix OOB write in build_read_multi_rsp of gatt_sr.cc\n\nbuild_read_multi_rsp is missing a bounds check, which can lead to an\nOOB write when the mtu parameter is set to zero.\n\nAdd that bounds check.\n\nBug: 323850943\nTest: atest GattSrTest\nTest: researcher POC\nTag: #security\nFlag: EXEMPT trivial validity checks\nIgnore-AOSP-First: Security\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c177fdbd6189a114239e11e2713740b5a50624e1)\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:f7171d31e247e3367b302374a3a0cf671f50ffcd)\nMerged-In: Icc8209aec68873c9821a36c579cd5df05c6ec8b8\nChange-Id: Icc8209aec68873c9821a36c579cd5df05c6ec8b8\n","web_links":[{"name":"GitHub","tooltip":"Open in GitWeb","url":"https://github.com/LineageOS/android_system_bt/commit/1f638883d45c8da80154e6e6a32d2f408784f54b"}],"resolve_conflicts_web_links":[{"name":"GitHub","tooltip":"Open in GitWeb","url":"https://github.com/LineageOS/android_system_bt/commit/1f638883d45c8da80154e6e6a32d2f408784f54b"}]},"branch":"refs/heads/lineage-19.1"}},"requirements":[],"submit_records":[],"submit_requirements":[]}