Re: [PATCH 2/2] android/gatt: Report error on invalid value length for CCC descriptor

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Jakub,

On Tuesday 16 of December 2014 13:02:37 Jakub Tyszkowski wrote:
> For application services, characteristics and descriptors it's user app's
> responsibility to verify value length but for embeded ones we need to do
> this in daemon. This is checked in TC_GAW_SR_BI_34_C and PTS tries to
> write to embeded CCC descritor if no other descriptors are added by the
> apps. It is expected by PTS for us to be more strict about value length
> controll.
> ---
>  android/gatt.c | 7 +++++++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/android/gatt.c b/android/gatt.c
> index 1e2627b..5f2f1c4 100644
> --- a/android/gatt.c
> +++ b/android/gatt.c
> @@ -6958,6 +6958,13 @@ static void gatt_srvc_change_write_cb(struct gatt_db_attribute *attrib,
>  		return;
>  	}
>  
> +	/* No more than 2 octets are expected */
> +	if (len > 2) {
> +		gatt_db_attribute_write_result(attrib, id,
> +						ATT_ECODE_INVAL_ATTR_VALUE_LEN);
> +		return;
> +	}
> +

I think we should check if len == 2 here and use get_le16()
and pass u16 to bt_store_gatt_ccc() (instead of u8 as will *value).

>  	/* Set services changed indication value */
>  	bt_store_gatt_ccc(bdaddr, *value);
>  
> 

-- 
Best regards, 
Szymon Janc
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux