BLUETOOTH: GAP: Handled remote device's name (248bytes) correctly

This Fix will handle the remote bluetooth device's name
length correctly upto 248 bytes.

Change-Id: Iae0e819946f97fb30d0e37732a74c8a25ec913d5
CRs-Fixed: 673187
CRs-Fixed: 672540

Change-Id: I870ea785899cc01909e81faba8ddcddf389d782e

2 files changed, 39 insertions, 38 deletions

diff --git a/bta/dm/bta_dm_act.c b/bta/dm/bta_dm_act.c
index fed5979bf..a74c6bd57 100644
--- a/bta/dm/bta_dm_act.c
+++ b/bta/dm/bta_dm_act.c
@@ -522,6 +522,7 @@ static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle)
 void bta_dm_set_dev_name (tBTA_DM_MSG *p_data)
 {
 
+    BTM_TRACE_DEBUG("%s: name: %s ", __FUNCTION__, (char*)p_data->set_name.name);
     BTM_SetLocalDeviceName((char*)p_data->set_name.name);
     bta_dm_set_eir ((char*)p_data->set_name.name);
 }
@@ -889,8 +890,8 @@ void bta_dm_bond (tBTA_DM_MSG *p_data)
         p_name = BTM_SecReadDevName(p_data->bond.bd_addr);
         if (p_name != NULL)
         {
-            memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN-1));
-            sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0;
+            memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN));
+            sec_event.auth_cmpl.bd_name[BD_NAME_LEN] = 0;
         }
 
 /*      taken care of by memset [above]
@@ -1782,10 +1783,10 @@ void bta_dm_sdp_result (tBTA_DM_MSG *p_data)
                 }
                 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
                 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
-                        bta_dm_get_remname(), (BD_NAME_LEN-1));
+                        bta_dm_get_remname(), (BD_NAME_LEN));
 
                 /* make sure the string is null terminated */
-                p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
+                p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = 0;
 
                 bta_sys_sendmsg(p_msg);
             }
@@ -1809,10 +1810,10 @@ void bta_dm_sdp_result (tBTA_DM_MSG *p_data)
             p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
             bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
             BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
-                    bta_dm_get_remname(), (BD_NAME_LEN-1));
+                    bta_dm_get_remname(), (BD_NAME_LEN));
 
             /* make sure the string is null terminated */
-            p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
+            p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = 0;
 
             bta_sys_sendmsg(p_msg);
         }
@@ -2216,10 +2217,10 @@ static void bta_dm_find_services ( BD_ADDR bd_addr)
             p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
             bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
             BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
-                    bta_dm_get_remname(), (BD_NAME_LEN-1));
+                    bta_dm_get_remname(), (BD_NAME_LEN));
 
             /* make sure the string is terminated */
-            p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
+            p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = 0;
 
             bta_sys_sendmsg(p_msg);
         }
@@ -2411,10 +2412,10 @@ static void bta_dm_discover_device(BD_ADDR remote_bd_addr)
         p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
         bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
         BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name,  sizeof(BD_NAME),
-                      (char*)bta_dm_search_cb.peer_name, (BD_NAME_LEN-1));
+                      (char*)bta_dm_search_cb.peer_name, (BD_NAME_LEN));
 
         /* make sure the string is terminated */
-        p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
+        p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = 0;
 
         bta_sys_sendmsg(p_msg);
     }
@@ -2556,12 +2557,12 @@ static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc,
     if (!bdcmp( bta_dm_search_cb.peer_bdaddr, bd_addr))
     {
         rem_name.length = strlen((char*)bd_name);
-        if (rem_name.length > (BD_NAME_LEN-1))
+        if (rem_name.length > (BD_NAME_LEN))
         {
-            rem_name.length = (BD_NAME_LEN-1);
-            rem_name.remote_bd_name[(BD_NAME_LEN-1)] = 0;
+            rem_name.length = (BD_NAME_LEN);
+            rem_name.remote_bd_name[(BD_NAME_LEN)] = 0;
         }
-        BCM_STRNCPY_S((char*)rem_name.remote_bd_name,  sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
+        BCM_STRNCPY_S((char*)rem_name.remote_bd_name,  sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN));
         rem_name.status = BTM_SUCCESS;
 
         bta_dm_remname_cback(&rem_name);
@@ -2655,10 +2656,10 @@ static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NA
     bdcpy(sec_event.authorize.bd_addr, bd_addr);
     memcpy(sec_event.authorize.dev_class, dev_class, DEV_CLASS_LEN);
 
-    BCM_STRNCPY_S((char*)sec_event.authorize.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
+    BCM_STRNCPY_S((char*)sec_event.authorize.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN));
 
     /* make sure the string is null terminated */
-    sec_event.authorize.bd_name[BD_NAME_LEN-1] = 0;
+    sec_event.authorize.bd_name[BD_NAME_LEN] = 0;
 
 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE )
     sec_event.authorize.service = service_id;
@@ -2721,10 +2722,10 @@ static void bta_dm_pinname_cback (void *p_data)
 
         if (p_result && p_result->status == BTM_SUCCESS)
         {
-            bytes_to_copy = (p_result->length < (BD_NAME_LEN-1))
-            ? p_result->length : (BD_NAME_LEN-1);
-            memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
-            sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
+           bytes_to_copy = (p_result->length < (BD_NAME_LEN))
+           ? p_result->length : (BD_NAME_LEN);
+           memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
+           sec_event.pin_req.bd_name[BD_NAME_LEN] = 0;
         }
         else    /* No name found */
             sec_event.cfm_req.bd_name[0] = 0;
@@ -2742,10 +2743,10 @@ static void bta_dm_pinname_cback (void *p_data)
 
         if (p_result && p_result->status == BTM_SUCCESS)
         {
-            bytes_to_copy = (p_result->length < (BD_NAME_LEN-1))
-            ? p_result->length : (BD_NAME_LEN-1);
+            bytes_to_copy = (p_result->length < (BD_NAME_LEN))
+            ? p_result->length : (BD_NAME_LEN);
             memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
-            sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
+            sec_event.pin_req.bd_name[BD_NAME_LEN] = 0;
         }
         else    /* No name found */
             sec_event.pin_req.bd_name[0] = 0;
@@ -2789,8 +2790,8 @@ static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_
 
     bdcpy(sec_event.pin_req.bd_addr, bd_addr);
     BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class);
-    BCM_STRNCPY_S((char*)sec_event.pin_req.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
-    sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
+    BCM_STRNCPY_S((char*)sec_event.pin_req.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN));
+    sec_event.pin_req.bd_name[BD_NAME_LEN] = 0;
     sec_event.pin_req.min_16_digit = min_16_digit;
 
     bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event);
@@ -2824,8 +2825,8 @@ static UINT8  bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,
 
         bdcpy(p_auth_cmpl->bd_addr, bd_addr);
 
-        memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN-1));
-        p_auth_cmpl->bd_name[BD_NAME_LEN-1] = 0;
+        memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN));
+        p_auth_cmpl->bd_name[BD_NAME_LEN] = 0;
 
         p_auth_cmpl->key_present = TRUE;
         p_auth_cmpl->key_type = key_type;
@@ -2869,8 +2870,8 @@ static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev
         memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
         bdcpy(sec_event.auth_cmpl.bd_addr, bd_addr);
 
-        memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN-1));
-        sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0;
+        memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN));
+        sec_event.auth_cmpl.bd_name[BD_NAME_LEN] = 0;
 
 #if BLE_INCLUDED == TRUE
         // Report the BR link key based on the BR/EDR address and type
@@ -2966,8 +2967,8 @@ static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data)
               bdcpy(sec_event.key_notif.bd_addr, p_data->cfm_req.bd_addr);
               BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->cfm_req.dev_class);
               BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME),
-                   (char*)p_data->cfm_req.bd_name, (BD_NAME_LEN-1));
-              sec_event.key_notif.bd_name[BD_NAME_LEN-1] = 0;
+                   (char*)p_data->cfm_req.bd_name, (BD_NAME_LEN));
+              sec_event.key_notif.bd_name[BD_NAME_LEN] = 0;
            }
         }
 
@@ -3020,8 +3021,8 @@ static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data)
 
          bdcpy(sec_event.rmt_oob.bd_addr, p_data->rmt_oob.bd_addr);
          BTA_COPY_DEVICE_CLASS(sec_event.rmt_oob.dev_class, p_data->rmt_oob.dev_class);
-         BCM_STRNCPY_S((char*)sec_event.rmt_oob.bd_name, sizeof(BD_NAME), (char*)p_data->rmt_oob.bd_name, (BD_NAME_LEN-1));
-            sec_event.rmt_oob.bd_name[BD_NAME_LEN-1] = 0;
+         BCM_STRNCPY_S((char*)sec_event.rmt_oob.bd_name, sizeof(BD_NAME), (char*)p_data->rmt_oob.bd_name, (BD_NAME_LEN));
+            sec_event.rmt_oob.bd_name[BD_NAME_LEN] = 0;
 
         bta_dm_cb.p_sec_cback(BTA_DM_SP_RMT_OOB_EVT, &sec_event);
 
@@ -5520,7 +5521,7 @@ static void bta_dm_gatt_disc_result(tBTA_GATT_ID service_id)
 
         /* send result back to app now, one by one */
         bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
-        BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1));
+        BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN));
         result.disc_ble_res.bd_name[BD_NAME_LEN] = 0;
         memcpy(&result.disc_ble_res.service, &service_id.uuid, sizeof(tBT_UUID));
 
@@ -5565,10 +5566,10 @@ static void bta_dm_gatt_disc_complete(UINT16 conn_id, tBTA_GATT_STATUS status)
             p_msg->disc_result.result.disc_res.p_uuid_list = NULL;
             bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
             BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
-                    bta_dm_get_remname(), (BD_NAME_LEN-1));
+                    bta_dm_get_remname(), (BD_NAME_LEN));
 
             /* make sure the string is terminated */
-            p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
+            p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = 0;
 
             p_msg->disc_result.result.disc_res.device_type |= BT_DEVICE_TYPE_BLE;
             if ( bta_dm_search_cb.ble_raw_used > 0 )
diff --git a/bta/dm/bta_dm_api.c b/bta/dm/bta_dm_api.c
index 061e7ff4a..bbd134d77 100644
--- a/bta/dm/bta_dm_api.c
+++ b/bta/dm/bta_dm_api.c
@@ -182,8 +182,8 @@ void BTA_DmSetDeviceName(char *p_name)
     {
         p_msg->hdr.event = BTA_DM_API_SET_NAME_EVT;
         /* truncate the name if needed */
-        BCM_STRNCPY_S((char*)p_msg->name, sizeof(p_msg->name), p_name, BD_NAME_LEN-1);
-        p_msg->name[BD_NAME_LEN-1]=0;
+        BCM_STRNCPY_S((char*)p_msg->name, sizeof(p_msg->name), p_name, BD_NAME_LEN);
+        p_msg->name[BD_NAME_LEN]=0;
 
         bta_sys_sendmsg(p_msg);
     }