Bluetooth: Hedge against the Null global reference access

Whenever there is an error at upper layer it cleans up JNI interface as part of cleanup and global reference also get dereferenced but lower layer HAL is not aware in case of upper layer and sends the jni callback where it crashes.protecting all callbacks since expereincing similar issues at different callbacks. Change-Id: Idab75ca537e02f976e6892d7e03aa70fb7e43868 CRs-fixed: 710760
author: Ajay Kumar <ajayku@codeaurora.org> 2014-08-12 21:46:51 +0530
committer: Linux Build Service Account <lnxbuild@localhost> 2014-11-04 08:25:51 -0700
commit: 3e4660385b24c4a82505cd482b54e1593802f3f0 (patch)
tree: f80ddc40ba582a7ddf43736e41c81c76681e214e /jni
parent: 0f71878ff61a5de0162b02dea9042d1c2f04a0dd (diff)
download: android_packages_apps_Bluetooth-3e4660385b24c4a82505cd482b54e1593802f3f0.tar.gz
android_packages_apps_Bluetooth-3e4660385b24c4a82505cd482b54e1593802f3f0.tar.bz2
android_packages_apps_Bluetooth-3e4660385b24c4a82505cd482b54e1593802f3f0.zip
1 files changed, 34 insertions, 17 deletions
diff --git a/jni/com_android_bluetooth_btservice_AdapterService.cpp b/jni/com_android_bluetooth_btservice_AdapterService.cpp
index 87ef3ae23..d6c654274 100644
--- a/jni/com_android_bluetooth_btservice_AdapterService.cpp
+++ b/jni/com_android_bluetooth_btservice_AdapterService.cpp
@@ -175,8 +175,10 @@ static void adapter_properties_callback(bt_status_t status, int num_properties,
         return;
     }
 
-    callbackEnv->CallVoidMethod(sJniCallbacksObj, method_adapterPropertyChangedCallback, types,
-                                props);
+    if (sJniCallbacksObj) {
+        callbackEnv->CallVoidMethod(sJniCallbacksObj, method_adapterPropertyChangedCallback, types,
+                                    props);
+    }
     checkAndClearExceptionFromCallback(callbackEnv, __FUNCTION__);
     callbackEnv->DeleteLocalRef(props);
     callbackEnv->DeleteLocalRef(types);
@@ -245,8 +247,10 @@ static void remote_device_properties_callback(bt_status_t status, bt_bdaddr_t *b
         return;
     }
 
-    callbackEnv->CallVoidMethod(sJniCallbacksObj, method_devicePropertyChangedCallback, addr,
-                                types, props);
+    if (sJniCallbacksObj) {
+        callbackEnv->CallVoidMethod(sJniCallbacksObj, method_devicePropertyChangedCallback, addr,
+                                    types, props);
+    }
     checkAndClearExceptionFromCallback(callbackEnv, __FUNCTION__);
     callbackEnv->DeleteLocalRef(props);
     callbackEnv->DeleteLocalRef(types);
@@ -287,7 +291,9 @@ static void device_found_callback(int num_properties, bt_property_t *properties)
     remote_device_properties_callback(BT_STATUS_SUCCESS, (bt_bdaddr_t *)properties[addr_index].val,
                                       num_properties, properties);
 
-    callbackEnv->CallVoidMethod(sJniCallbacksObj, method_deviceFoundCallback, addr);
+    if (sJniCallbacksObj) {
+        callbackEnv->CallVoidMethod(sJniCallbacksObj, method_deviceFoundCallback, addr);
+    }
     checkAndClearExceptionFromCallback(callbackEnv, __FUNCTION__);
     callbackEnv->DeleteLocalRef(addr);
 }
@@ -311,8 +317,10 @@ static void bond_state_changed_callback(bt_status_t status, bt_bdaddr_t *bd_addr
     }
     callbackEnv->SetByteArrayRegion(addr, 0, sizeof(bt_bdaddr_t), (jbyte *)bd_addr);
 
-    callbackEnv->CallVoidMethod(sJniCallbacksObj, method_bondStateChangeCallback, (jint) status,
-                                addr, (jint)state);
+    if (sJniCallbacksObj) {
+        callbackEnv->CallVoidMethod(sJniCallbacksObj, method_bondStateChangeCallback, (jint) status,
+                                    addr, (jint)state);
+    }
     checkAndClearExceptionFromCallback(callbackEnv, __FUNCTION__);
     callbackEnv->DeleteLocalRef(addr);
 }
@@ -337,8 +345,10 @@ static void acl_state_changed_callback(bt_status_t status, bt_bdaddr_t *bd_addr,
     }
     callbackEnv->SetByteArrayRegion(addr, 0, sizeof(bt_bdaddr_t), (jbyte *)bd_addr);
 
-    callbackEnv->CallVoidMethod(sJniCallbacksObj, method_aclStateChangeCallback, (jint) status,
-                                addr, (jint)state);
+    if (sJniCallbacksObj) {
+        callbackEnv->CallVoidMethod(sJniCallbacksObj, method_aclStateChangeCallback, (jint) status,
+                                    addr, (jint)state);
+    }
     checkAndClearExceptionFromCallback(callbackEnv, __FUNCTION__);
     callbackEnv->DeleteLocalRef(addr);
 }
@@ -352,9 +362,10 @@ static void discovery_state_changed_callback(bt_discovery_state_t state) {
 
     ALOGV("%s: DiscoveryState:%d ", __FUNCTION__, state);
 
-    callbackEnv->CallVoidMethod(sJniCallbacksObj, method_discoveryStateChangeCallback,
-                                (jint)state);
-
+    if (sJniCallbacksObj) {
+        callbackEnv->CallVoidMethod(sJniCallbacksObj, method_discoveryStateChangeCallback,
+                                    (jint)state);
+    }
     checkAndClearExceptionFromCallback(callbackEnv, __FUNCTION__);
 }
 
@@ -378,7 +389,9 @@ static void pin_request_callback(bt_bdaddr_t *bd_addr, bt_bdname_t *bdname, uint
 
     callbackEnv->SetByteArrayRegion(devname, 0, sizeof(bt_bdname_t), (jbyte*)bdname);
 
-    callbackEnv->CallVoidMethod(sJniCallbacksObj, method_pinRequestCallback, addr, devname, cod, secure);
+    if (sJniCallbacksObj) {
+        callbackEnv->CallVoidMethod(sJniCallbacksObj, method_pinRequestCallback, addr, devname, cod, secure);
+    }
 
     checkAndClearExceptionFromCallback(callbackEnv, __FUNCTION__);
     callbackEnv->DeleteLocalRef(addr);
@@ -411,8 +424,10 @@ static void ssp_request_callback(bt_bdaddr_t *bd_addr, bt_bdname_t *bdname, uint
     if (devname == NULL) goto Fail;
     callbackEnv->SetByteArrayRegion(devname, 0, sizeof(bt_bdname_t), (jbyte*)bdname);
 
-    callbackEnv->CallVoidMethod(sJniCallbacksObj, method_sspRequestCallback, addr, devname, cod,
-                                (jint) pairing_variant, pass_key);
+    if (sJniCallbacksObj) {
+        callbackEnv->CallVoidMethod(sJniCallbacksObj, method_sspRequestCallback, addr, devname, cod,
+                                    (jint) pairing_variant, pass_key);
+    }
 
     checkAndClearExceptionFromCallback(callbackEnv, __FUNCTION__);
     callbackEnv->DeleteLocalRef(addr);
@@ -659,8 +674,10 @@ static void remote_mas_instances_callback(bt_status_t status, bt_bdaddr_t *bd_ad
         callbackEnv->DeleteLocalRef(name);
     }
 
-    callbackEnv->CallVoidMethod(sJniCallbacksObj, method_deviceMasInstancesFoundCallback,
-            (jint) status, addr, a_name, a_scn, a_masid, a_msgtype);
+    if (sJniCallbacksObj) {
+        callbackEnv->CallVoidMethod(sJniCallbacksObj, method_deviceMasInstancesFoundCallback,
+                                    (jint) status, addr, a_name, a_scn, a_masid, a_msgtype);
+    }
     checkAndClearExceptionFromCallback(callbackEnv, __FUNCTION__);
 
 clean:
author	Ajay Kumar <ajayku@codeaurora.org>	2014-08-12 21:46:51 +0530
committer	Linux Build Service Account <lnxbuild@localhost>	2014-11-04 08:25:51 -0700
commit	3e4660385b24c4a82505cd482b54e1593802f3f0 (patch)
tree	f80ddc40ba582a7ddf43736e41c81c76681e214e /jni
parent	0f71878ff61a5de0162b02dea9042d1c2f04a0dd (diff)
download	android_packages_apps_Bluetooth-3e4660385b24c4a82505cd482b54e1593802f3f0.tar.gz android_packages_apps_Bluetooth-3e4660385b24c4a82505cd482b54e1593802f3f0.tar.bz2 android_packages_apps_Bluetooth-3e4660385b24c4a82505cd482b54e1593802f3f0.zip