Hi Jakub, On Thursday 08 of January 2015 10:17:49 Jakub Tyszkowski wrote: > Protect CCC from remote sending invalid prepare write offset. > > We are not using offset value in the code right now, but there is a test > case in PTS that expects this error to be send. PTS can use this embeded > service's ccc descriptor if no such descriptors are added by the user. Please mention affected PTS test name. > --- > android/gatt.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/android/gatt.c b/android/gatt.c > index c00eb9e..70b8a00 100644 > --- a/android/gatt.c > +++ b/android/gatt.c > @@ -7029,6 +7029,12 @@ static void gatt_srvc_change_write_cb(struct gatt_db_attribute *attrib, > return; > } > > + if (offset > 1) { > + gatt_db_attribute_write_result(attrib, id, > + ATT_ECODE_INVALID_OFFSET); > + return; Indentation is wrong here. > + } > + > /* 2 octets are expected as CCC value */ > if (len != 2) { > gatt_db_attribute_write_result(attrib, id, > -- Best regards, Szymon Janc -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html