Hi Luiz,
>
> ---
> src/shared/gatt-db.c | 17 ++++++++++++++++-
> 1 file changed, 16 insertions(+), 1 deletion(-)
>
> diff --git a/src/shared/gatt-db.c b/src/shared/gatt-db.c
> index 9ead5e3..acd2e9a 100644
> --- a/src/shared/gatt-db.c
> +++ b/src/shared/gatt-db.c
> @@ -882,7 +882,22 @@ bool gatt_db_attribute_read(struct gatt_db_attribute *attrib, uint16_t offset,
> uint8_t opcode, bdaddr_t *bdaddr,
> gatt_db_attribute_read_t func, void *user_data)
> {
> - return false;
> + if (!attrib || !func)
> + return false;
> +
> + if (offset > attrib->value_len)
> + return false;
> +
> + if (attrib->read_func) {
> + attrib->read_func(attrib->handle, offset, opcode, bdaddr,
> + attrib->user_data);
> + return true;
> + }
> +
> + func(attrib, 0, &attrib->value[offset], attrib->value_len - offset,
> + user_data);
Wouldn't this potentially cause an invalid access if value_len ==
offset? I would just do a check here and pass NULL to func if that's
the case.
> +
> + return true;
> }
>
> bool gatt_db_attribute_write(struct gatt_db_attribute *attrib, uint16_t offset,
> --
Cheers,
Arman
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
