Hi Bharat,
On Mon, Aug 18, 2014, Bharat Panda wrote:
> Updates gatt attribute db using offset value. This fixes below
> PTS TCs.
>
> TP/GAW/SR/BV-06-C
> TP/GAW/SR/BV-10-C
> TP/GAW/SR/BI-14-C
> TP/GAW/SR/BI-15-C
> TP/GAW/SR/BV-05-C
> TP/GAW/SR/BI-07-C
> TP/GAW/SR/BI-08-C
> TP/GAW/SR/BI-34-C
> TP/GAW/SR/BI-25-C
> TP/GAW/SR/BI-26-C
> ---
> plugins/gatt-example.c | 2 +-
> profiles/alert/server.c | 16 ++++++-------
> profiles/proximity/linkloss.c | 2 +-
> profiles/time/server.c | 6 ++---
> src/attrib-server.c | 53 +++++++++++++++++++++++++++++++++++--------
> src/attrib-server.h | 2 +-
> 6 files changed, 57 insertions(+), 24 deletions(-)
Your commit message should have a bit more content, i.e. give some more
background to the issue and justify & explain the way that you're
solving it. Also, the subject seems misleading to me as this is related
to long writes and not "multiple write".
> - case ATT_OP_READ_MULTI_REQ:
> case ATT_OP_PREP_WRITE_REQ:
> + length = dec_prep_write_req(ipdu, len, &start, &offset, value, &vlen);
> + if (length == 0) {
> + status = ATT_ECODE_INVALID_PDU;
> + goto done;
> + }
> +
> + length = write_value(channel, start, value, vlen, opdu,
> + channel->mtu, offset);
> + break;
> +
> case ATT_OP_EXEC_WRITE_REQ:
> + break;
> + case ATT_OP_READ_MULTI_REQ:
> default:
> DBG("Unsupported request 0x%02x", ipdu[0]);
> status = ATT_ECODE_REQ_NOT_SUPP;
This doesn't look right. The changes should not be taking effect until
execute write has been issued. Here it seems the write_value() makes an
irreversible change to the database.
> - a->data = g_try_realloc(a->data, len);
> + if (offset) {
> + uint8_t *temp;
> + temp = malloc(sizeof(uint8_t) * a->len);
> + if (temp == NULL) {
> + DBG("Unable to allocate memory");
> + return -ENOMEM;
> + }
> + memcpy(temp, a->data, a->len);
> + a->data = g_try_realloc(a->data, (a->len + (a->len - offset) + len));
This calculation doesn't look right. Shouldn't the new size be simply
offset + len? Or if offset + len is less than the original length and
the specification requires to preserve the data after it (which I'm not
sure it does) then you'd need some extra condition here. You'd also not
need realloc in this case since the buffer wouldn't grow.
> + memcpy(a->data, temp, a->len);
First of all the "try" versions of GLib allocation functions may return
NULL so you can't just copy to a->data without checking first. However,
most of this code is completely unnecessary: realloc maintains the the
contents of the memory so there's no need of a temporary buffer here.
> + free(temp);
> + }
> + else {
> + a->data = g_try_realloc(a->data, len);
> + }
The coding style is:
if (...) {
...
...
} else {
...
...
}
> + if (offset) {
> + a->len = a->len + (a->len - offset) + len;
Shouldn't this be a->len = offset + len?
> + memcpy((a->data + offset), value, len);
> + }
> + else {
> + a->len = len;
> + memcpy(a->data, value, len);
> + }
Same thing as earlier with the if-else coding style.
Johan
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
