From 556e14548c38c2b96d85881542046ee7ed750bb5 Mon Sep 17 00:00:00 2001
From: Sicelo A. Mhlongo <absicsz@gmail.com>
Date: Wed, Dec 4 12:07:34 2024 +0200
Subject: [PATCH] stkutil: ensure data fits in buffer

Fixes CVE-2024-7545

CVE: CVE-2024-7545
Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=556e14548c38c2b96d85881542046ee7ed750bb5]
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
 src/stkutil.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/stkutil.c b/src/stkutil.c
index 475caaa..e1fd75c 100644
--- a/src/stkutil.c
+++ b/src/stkutil.c
@@ -1938,6 +1938,10 @@ static bool parse_dataobj_mms_content_id(
 
 	data = comprehension_tlv_iter_get_data(iter);
 	mci->len = len;
+
+	if (len > sizeof(mci->id))
+		return false;
+
 	memcpy(mci->id, data, len);
 
 	return true;
-- 
2.25.1