This patch fixes the unchecked return value.
---
 monitor/a2dp.c | 30 ++++++++++++++++++++----------
 monitor/l2cap.c | 3 +++
 2 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/monitor/a2dp.c b/monitor/a2dp.c
index ac2e1a228..f6e99ab26 100644
--- a/monitor/a2dp.c
+++ b/monitor/a2dp.c
@@ -364,7 +364,8 @@ static bool codec_mpeg12_cap(uint8_t losc, struct l2cap_frame *frame)
 	if (losc != 4)
 		return false;
 
-	l2cap_frame_get_be16(frame, &cap);
+	if (!l2cap_frame_get_be16(frame, &cap))
+		return false;
 
 	layer = (cap >> 8) & 0xe0;
 	crc = cap & 0x1000;
@@ -372,7 +373,8 @@ static bool codec_mpeg12_cap(uint8_t losc, struct l2cap_frame *frame)
 	mpf = cap & 0x0040;
 	freq = cap & 0x003f;
 
-	l2cap_frame_get_be16(frame, &cap);
+	if (!l2cap_frame_get_be16(frame, &cap))
+		return false;
 
 	vbr = cap & 0x8000;
 	bitrate = cap & 0x7fff;
@@ -414,7 +416,8 @@ static bool codec_mpeg12_cfg(uint8_t losc, struct l2cap_frame *frame)
 	if (losc != 4)
 		return false;
 
-	l2cap_frame_get_be16(frame, &cap);
+	if (!l2cap_frame_get_be16(frame, &cap))
+		return false;
 
 	layer = (cap >> 8) & 0xe0;
 	crc = cap & 0x1000;
@@ -422,7 +425,8 @@ static bool codec_mpeg12_cfg(uint8_t losc, struct l2cap_frame *frame)
 	mpf = cap & 0x0040;
 	freq = cap & 0x003f;
 
-	l2cap_frame_get_be16(frame, &cap);
+	if (!l2cap_frame_get_be16(frame, &cap))
+		return false;
 
 	vbr = cap & 0x8000;
 	bitrate = cap & 0x7fff;
@@ -466,19 +470,22 @@ static bool codec_aac_cap(uint8_t losc, struct l2cap_frame *frame)
 	if (losc != 6)
 		return false;
 
-	l2cap_frame_get_be16(frame, &cap);
+	if (!l2cap_frame_get_be16(frame, &cap))
+		return false;
 
 	type = cap >> 8;
 	freq = cap << 8;
 
-	l2cap_frame_get_be16(frame, &cap);
+	if (!l2cap_frame_get_be16(frame, &cap))
+		return false;
 
 	freq |= (cap >> 8) & 0xf0;
 	chan = (cap >> 8) & 0x0c;
 	bitrate = (cap << 16) & 0x7f0000;
 	vbr = cap & 0x0080;
 
-	l2cap_frame_get_be16(frame, &cap);
+	if (!l2cap_frame_get_be16(frame, &cap))
+		return false;
 
 	bitrate |= cap;
 
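Review bot: The `if (!l2cap_frame_get_be16(frame, &cap)) return false;` guard introduced in codec_mpeg12_cap is repeated verbatim in codec_mpeg12_cfg, and the three guards in codec_aac_cap again in codec_aac_cfg, because the decode prologue of each cap/cfg pair is line-for-line identical within these hunks; a single static decode helper per codec would have carried the check once, though the printing after the hunks is not visible and presumably differs between the cap and cfg variants. Independently of the new lines, the context line `bitrate = (cap << 16) & 0x7f0000;` in both AAC hunks shifts `cap` after integer promotion, and if `cap` is a uint16_t (as the get_be16 call suggests) a value with bit 15 set makes that shift overflow int, which is undefined in C11; `bitrate = ((uint32_t)cap << 16) & 0x7f0000;` avoids it. A short comment on the first guard, such as `/* losc is the peer-declared length; the frame itself may be shorter */`, would tell a reader why the `losc != 4` test does not already make these reads safe. All four enclosing functions continue beyond their hunks.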
@@ -509,19 +516,22 @@ static bool codec_aac_cfg(uint8_t losc, struct l2cap_frame *frame)
 	if (losc != 6)
 		return false;
 
-	l2cap_frame_get_be16(frame, &cap);
+	if (!l2cap_frame_get_be16(frame, &cap))
+		return false;
 
 	type = cap >> 8;
 	freq = cap << 8;
 
-	l2cap_frame_get_be16(frame, &cap);
+	if (!l2cap_frame_get_be16(frame, &cap))
+		return false;
 
 	freq |= (cap >> 8) & 0xf0;
 	chan = (cap >> 8) & 0x0c;
 	bitrate = (cap << 16) & 0x7f0000;
 	vbr = cap & 0x0080;
 
-	l2cap_frame_get_be16(frame, &cap);
+	if (!l2cap_frame_get_be16(frame, &cap))
+		return false;
 
 	bitrate |= cap;
 
diff --git a/monitor/l2cap.c b/monitor/l2cap.c
index ca1997a0c..f16f82532 100644
--- a/monitor/l2cap.c
+++ b/monitor/l2cap.c
@@ -3243,6 +3243,9 @@ void l2cap_frame(uint16_t index, bool in, uint16_t handle, uint16_t cid,
 	case L2CAP_MODE_LE_FLOWCTL:
 	case L2CAP_MODE_ECRED:
 		chan = get_chan(&frame);
+		if (!chan)
+			return;
+
 		if (!chan->sdu) {
 			if (!l2cap_frame_get_le16(&frame, &chan->sdu))
 				return;
-- 
2.25.4
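Review bot: The new `if (!chan) return;` after `chan = get_chan(&frame);` ends processing of the frame without any output, so a frame arriving on a CID the monitor has no channel record for is dropped invisibly; the `l2cap_frame_get_le16` failure a few lines below behaves the same way, so the style is consistent, but if this file has an error-printing helper in scope, a one-line message before the return would make such drops visible in the trace. A comment on the check would also help, e.g. `/* no channel state for this CID: chan->sdu below would dereference NULL */`, since get_chan's failure condition is not visible in this hunk. The enclosing function l2cap_frame begins before and continues past the hunk.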