Fix a security bypass issue in access_secure_service_from_temp_bond

Backport I48df2c2d77810077e97d4131540277273d441998 to rvc-dev Bug: 318374503 Test: m com.android.btservices | manual test against PoC | QA Ignore-AOSP-First: security (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:e908c16d9157b9e4a936117f06b8f964cf8386b8) Merged-In: Ib7cf66019b3d45a2a23d235ad5f9dc406394456f Change-Id: Ib7cf66019b3d45a2a23d235ad5f9dc406394456f
author: Hui Peng <phui@google.com> 2024-01-09 22:38:20 +0000
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> 2024-01-24 02:21:25 +0000
commit: 9b0d97e18756489b037b62e4188940bb690980b1 (patch)
tree: 0605a00d2c1d1edf6f24a3dd113b487c8c93befb
parent: e4e48f825936d9fb42763212e6b2bb038c005ff2 (diff)
download: bt-9b0d97e18756489b037b62e4188940bb690980b1.tar.gz
1 files changed, 1 insertions, 2 deletions
diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc
index bfb045c5a..e53a91497 100644
--- a/stack/btm/btm_sec.cc
+++ b/stack/btm/btm_sec.cc
@@ -218,8 +218,7 @@ static bool access_secure_service_from_temp_bond(const tBTM_SEC_DEV_REC* p_dev_r
                                                  bool locally_initiated,
                                                  uint16_t security_req) {
   return !locally_initiated && (security_req & BTM_SEC_IN_AUTHENTICATE) &&
-    btm_dev_authenticated(p_dev_rec) &&
-    p_dev_rec->is_bond_type_temporary();
+         p_dev_rec->is_bond_type_temporary();
 }
 
 /*******************************************************************************
author	Hui Peng <phui@google.com>	2024-01-09 22:38:20 +0000
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	2024-01-24 02:21:25 +0000
commit	9b0d97e18756489b037b62e4188940bb690980b1 (patch)
tree	0605a00d2c1d1edf6f24a3dd113b487c8c93befb
parent	e4e48f825936d9fb42763212e6b2bb038c005ff2 (diff)
download	bt-9b0d97e18756489b037b62e4188940bb690980b1.tar.gz