[PATCH v3 12/12] Drop variable EIR length


 



From: Bruna Moreira <bruna.moreira@xxxxxxxxxxxxx>

The functions eir_parse() and adapter_update_found_devices() now
assume that the EIR buffer always has 240 octets. For advertising
reports, the advertising data is stored in a 240-byte buffer,
padded with zeroes.
---
 plugins/hciops.c |   13 +++++++++----
 src/adapter.c    |    6 +++---
 src/adapter.h    |    4 ++--
 src/eir.c        |    8 ++++----
 src/eir.h        |    2 +-
 src/event.c      |    3 +--
 6 files changed, 20 insertions(+), 16 deletions(-)

diff --git a/plugins/hciops.c b/plugins/hciops.c
index 37b2d8e..d976822 100644
--- a/plugins/hciops.c
+++ b/plugins/hciops.c
@@ -2171,7 +2171,7 @@ static inline void le_advertising_report(int index, evt_le_meta_event *meta)
 {
 	struct dev_info *dev = &devs[index];
 	le_advertising_info *info;
-	uint8_t num_reports, rssi;
+	uint8_t num_reports, rssi, eir[HCI_MAX_EIR_LENGTH];
 	const uint8_t RSSI_SIZE = 1;
 
 	num_reports = meta->data[0];
@@ -2179,8 +2179,10 @@ static inline void le_advertising_report(int index, evt_le_meta_event *meta)
 	info = (le_advertising_info *) &meta->data[1];
 	rssi = *(info->data + info->length);
 
-	btd_event_device_found(&dev->bdaddr, &info->bdaddr, 0, rssi,
-								info->data);
+	memset(eir, 0, sizeof(eir));
+	memcpy(eir, info->data, info->length);
+
+	btd_event_device_found(&dev->bdaddr, &info->bdaddr, 0, rssi, eir);
 
 	num_reports--;
 
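Review bot: The added `memcpy(eir, info->data, info->length)` copies a controller-supplied length into the fixed `eir[HCI_MAX_EIR_LENGTH]` stack buffer with no bound. `info->length` is a single octet taken from the event, so it can carry values up to 255, while the commit message gives the buffer as 240 bytes; a malformed report could therefore write past the end of `eir`. A guard such as `if (info->length > sizeof(eir)) return;` placed before the `rssi` read would cover both the copy and the `info->data + info->length` dereference on the context line above. The identical `memset`/`memcpy` pair inside the loop in the next hunk needs the same guard. The function body continues outside this hunk.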
@@ -2189,8 +2191,11 @@ static inline void le_advertising_report(int index, evt_le_meta_event *meta)
 								RSSI_SIZE);
 		rssi = *(info->data + info->length);
 
+		memset(eir, 0, sizeof(eir));
+		memcpy(eir, info->data, info->length);
+
 		btd_event_device_found(&dev->bdaddr, &info->bdaddr, 0, rssi,
-								info->data);
+									eir);
 	}
 }
 
diff --git a/src/adapter.c b/src/adapter.c
index 84e8ca6..33fd354 100644
--- a/src/adapter.c
+++ b/src/adapter.c
@@ -2999,8 +2999,8 @@ static char *read_stored_data(bdaddr_t *local, bdaddr_t *peer, const char *file)
 }
 
 void adapter_update_found_devices(struct btd_adapter *adapter, bdaddr_t *bdaddr,
-					uint32_t class, int8_t rssi,
-					uint8_t *data, size_t eir_size)
+						uint32_t class, int8_t rssi,
+						uint8_t *data)
 {
 	struct remote_dev_info *dev, match;
 	struct eir_data eir_data;
@@ -3010,7 +3010,7 @@ void adapter_update_found_devices(struct btd_adapter *adapter, bdaddr_t *bdaddr,
 	int err;
 
 	memset(&eir_data, 0, sizeof(eir_data));
-	err = eir_parse(&eir_data, data, HCI_MAX_EIR_LENGTH);
+	err = eir_parse(&eir_data, data);
 	if (err < 0) {
 		error("Error parsing EIR data: %s (%d)", strerror(-err), -err);
 		return;
diff --git a/src/adapter.h b/src/adapter.h
index 4c07e92..3526849 100644
--- a/src/adapter.h
+++ b/src/adapter.h
@@ -109,8 +109,8 @@ int adapter_get_discover_type(struct btd_adapter *adapter);
 struct remote_dev_info *adapter_search_found_devices(struct btd_adapter *adapter,
 						struct remote_dev_info *match);
 void adapter_update_found_devices(struct btd_adapter *adapter, bdaddr_t *bdaddr,
-					uint32_t class, int8_t rssi,
-					uint8_t *data, size_t eir_size);
+						uint32_t class, int8_t rssi,
+						uint8_t *data);
 int adapter_remove_found_device(struct btd_adapter *adapter, bdaddr_t *bdaddr);
 void adapter_emit_device_found(struct btd_adapter *adapter,
 						struct remote_dev_info *dev);
diff --git a/src/eir.c b/src/eir.c
index 7dfc444..01b6ac5 100644
--- a/src/eir.c
+++ b/src/eir.c
@@ -52,7 +52,7 @@ void eir_data_free(struct eir_data *eir)
 	g_free(eir->name);
 }
 
-int eir_parse(struct eir_data *eir, uint8_t *eir_data, size_t eir_length)
+int eir_parse(struct eir_data *eir, uint8_t *eir_data)
 {
 	uint16_t len = 0;
 	size_t total;
@@ -69,10 +69,10 @@ int eir_parse(struct eir_data *eir, uint8_t *eir_data, size_t eir_length)
 	eir->flags = -1;
 
 	/* No EIR data to parse */
-	if (eir_data == NULL || eir_length == 0)
+	if (eir_data == NULL)
 		return 0;
 
-	while (len < eir_length - 1) {
+	while (len < HCI_MAX_EIR_LENGTH - 1) {
 		uint8_t field_len = eir_data[0];
 
 		/* Check for the end of EIR */
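Review bot: The new loop bound `len < HCI_MAX_EIR_LENGTH - 1` only limits where a field may start, not where it ends, and `field_len` is taken from data supplied by the remote device. The only rejection, `len > HCI_MAX_EIR_LENGTH`, runs after the loop in the next hunk. The loop body is outside this hunk, so this is inferred: if a field's payload is read or copied inside the loop, a last field whose `field_len` extends past octet 240 would be touched before the function returns -EINVAL. A per-field check right after the end-of-EIR test, for example `if (len + field_len + 1 > HCI_MAX_EIR_LENGTH)` followed by bailing out before the payload is used, would stop the read at the buffer edge.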
@@ -115,7 +115,7 @@ int eir_parse(struct eir_data *eir, uint8_t *eir_data, size_t eir_length)
 	}
 
 	/* Bail out if got incorrect length */
-	if (len > eir_length)
+	if (len > HCI_MAX_EIR_LENGTH)
 		return -EINVAL;
 
 	total = uuid16_count + uuid32_count + uuid128_count;
diff --git a/src/eir.h b/src/eir.h
index ea38570..d225973 100644
--- a/src/eir.h
+++ b/src/eir.h
@@ -35,7 +35,7 @@ struct eir_data {
 };
 
 void eir_data_free(struct eir_data *eir);
-int eir_parse(struct eir_data *eir, uint8_t *eir_data, size_t eir_length);
+int eir_parse(struct eir_data *eir, uint8_t *eir_data);
 void eir_create(const char *name, int8_t tx_power, uint16_t did_vendor,
 			uint16_t did_product, uint16_t did_version,
 			GSList *uuids, uint8_t *data);
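Review bot: The `eir_parse()` prototype no longer says how many bytes the function will read, so the 240-octet requirement stated in the commit message becomes an unwritten contract for every caller. A comment above the declaration would record it, for example `/* eir_data: NULL, or a zero-padded buffer of HCI_MAX_EIR_LENGTH octets */`. The same note belongs on `adapter_update_found_devices()` in src/adapter.h, and on `btd_event_device_found()`, which forwards `data` unchanged in the src/event.c hunk.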
diff --git a/src/event.c b/src/event.c
index cd5e9e1..55ffadb 100644
--- a/src/event.c
+++ b/src/event.c
@@ -320,8 +320,7 @@ void btd_event_device_found(bdaddr_t *local, bdaddr_t *peer, uint32_t class,
 	if (data)
 		write_remote_eir(local, peer, data);
 
-	adapter_update_found_devices(adapter, peer, class, rssi,
-						data, HCI_MAX_EIR_LENGTH);
+	adapter_update_found_devices(adapter, peer, class, rssi, data);
 }
 
 void btd_event_set_legacy_pairing(bdaddr_t *local, bdaddr_t *peer,
-- 
1.7.5.rc3
