[PATCH BlueZ] client: Update write callbacks with invalid offset error handlers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patch adds invalid offset handlers to write callbacks of attributes.
---
 client/gatt.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/client/gatt.c b/client/gatt.c
index 416eda953..5713f8343 100644
--- a/client/gatt.c
+++ b/client/gatt.c
@@ -2141,6 +2141,12 @@ static void authorize_write_response(const char *input, void *user_data)
 		goto error;
 	}
 
+	if (aad->offset > chrc->value_len) {
+		err = "org.bluez.Error.InvalidOffset";
+
+		goto error;
+	}
+
 	/* Authorization check of prepare writes */
 	if (prep_authorize) {
 		reply = g_dbus_create_reply(pending_message, DBUS_TYPE_INVALID);
@@ -2272,6 +2278,11 @@ static DBusMessage *chrc_write_value(DBusConnection *conn, DBusMessage *msg,
 		return NULL;
 	}
 
+	if (offset > chrc->value_len)
+		return g_dbus_create_error(msg,
+				"org.bluez.Error.InvalidOffset", NULL);
+
+
 	/* Authorization check of prepare writes */
 	if (prep_authorize)
 		return g_dbus_create_reply(msg, DBUS_TYPE_INVALID);
@@ -2683,6 +2694,10 @@ static DBusMessage *desc_write_value(DBusConnection *conn, DBusMessage *msg,
 		return g_dbus_create_error(msg,
 				"org.bluez.Error.InvalidArguments", NULL);
 
+	if (offset > desc->value_len)
+		return g_dbus_create_error(msg,
+				"org.bluez.Error.InvalidOffset", NULL);
+
 	if (write_value(&desc->value_len, &desc->value, value,
 					value_len, offset, desc->max_val_len))
 		return g_dbus_create_error(msg,
-- 
2.25.4




[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux