This patch fixes an off-by-one error during descriptor discovery, which results in an invalid access if more than one descriptor declaration exists within a service handle range.
---
 src/shared/gatt-client.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/gatt-client.c b/src/shared/gatt-client.c
index 101e47e..1a157ec 100644
--- a/src/shared/gatt-client.c
+++ b/src/shared/gatt-client.c
@@ -229,7 +229,7 @@ static void discover_descs_cb(bool success, uint8_t att_ecode,
 op->cur_chrc->num_descs = desc_count;
 op->cur_chrc->descs = descs;
- for (i = op->cur_chrc_index;
+ for (i = op->cur_chrc_index + 1;
 i < op->cur_service->service.num_chrcs; i++) {
 op->cur_chrc_index = i;
 op->cur_chrc++;
--
2.1.0.rc2.206.gedb03e5
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
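Review bot: The corrected start index in the `for` loop still leaves `op->cur_chrc` and `op->cur_chrc_index` as two cursors that must advance in lockstep, and nothing in the code says so; before this patch the first iteration incremented the pointer while the index stayed put, which appears to be how they drifted apart by one. I would add a comment above the loop, `/* Resume after the characteristic just handled; cur_chrc must advance together with cur_chrc_index. */`, or derive the pointer from `i` inside the loop instead of incrementing it. The characteristic and descriptor layout presumably comes from the remote GATT server, so the invalid access was likely reachable from peer-supplied data, and a unit test with a service range holding more than one descriptor declaration would be worth adding with the fix. The loop body and the rest of discover_descs_cb lie outside the hunk, so whether the loop exits after the first characteristic that needs discovery cannot be checked here.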