diff options
author | Pramod Sivaraman <spramod@codeaurora.org> | 2014-06-06 09:43:28 +0530 |
---|---|---|
committer | Linux Build Service Account <lnxbuild@localhost> | 2015-10-06 03:21:38 -0600 |
commit | 0289c987ab29fc924c6672a242b2d104bc1f4e6e (patch) | |
tree | fd156c1001334bdb50e06eacd2d5b522fedaef7f | |
parent | 19bc89c120e35e20c864783b70faa3895eb09a31 (diff) | |
download | android_system_bt-0289c987ab29fc924c6672a242b2d104bc1f4e6e.tar.gz android_system_bt-0289c987ab29fc924c6672a242b2d104bc1f4e6e.tar.bz2 android_system_bt-0289c987ab29fc924c6672a242b2d104bc1f4e6e.zip |
BLUETOOTH: GAP: Handled remote device's name (248bytes) correctly
This Fix will handle the remote bluetooth device's name
length correctly upto 248 bytes.
Change-Id: Iae0e819946f97fb30d0e37732a74c8a25ec913d5
CRs-Fixed: 673187
CRs-Fixed: 672540
Change-Id: I870ea785899cc01909e81faba8ddcddf389d782e
-rw-r--r-- | bta/dm/bta_dm_act.c | 73 | ||||
-rw-r--r-- | bta/dm/bta_dm_api.c | 4 |
2 files changed, 39 insertions, 38 deletions
diff --git a/bta/dm/bta_dm_act.c b/bta/dm/bta_dm_act.c index fed5979bf..a74c6bd57 100644 --- a/bta/dm/bta_dm_act.c +++ b/bta/dm/bta_dm_act.c @@ -522,6 +522,7 @@ static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle) void bta_dm_set_dev_name (tBTA_DM_MSG *p_data) { + BTM_TRACE_DEBUG("%s: name: %s ", __FUNCTION__, (char*)p_data->set_name.name); BTM_SetLocalDeviceName((char*)p_data->set_name.name); bta_dm_set_eir ((char*)p_data->set_name.name); } @@ -889,8 +890,8 @@ void bta_dm_bond (tBTA_DM_MSG *p_data) p_name = BTM_SecReadDevName(p_data->bond.bd_addr); if (p_name != NULL) { - memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN-1)); - sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0; + memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN)); + sec_event.auth_cmpl.bd_name[BD_NAME_LEN] = 0; } /* taken care of by memset [above] @@ -1782,10 +1783,10 @@ void bta_dm_sdp_result (tBTA_DM_MSG *p_data) } bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), - bta_dm_get_remname(), (BD_NAME_LEN-1)); + bta_dm_get_remname(), (BD_NAME_LEN)); /* make sure the string is null terminated */ - p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; + p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = 0; bta_sys_sendmsg(p_msg); } @@ -1809,10 +1810,10 @@ void bta_dm_sdp_result (tBTA_DM_MSG *p_data) p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), - bta_dm_get_remname(), (BD_NAME_LEN-1)); + bta_dm_get_remname(), (BD_NAME_LEN)); /* make sure the string is null terminated */ - p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; + p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = 0; bta_sys_sendmsg(p_msg); } @@ -2216,10 +2217,10 @@ static void bta_dm_find_services ( BD_ADDR bd_addr) p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), - bta_dm_get_remname(), (BD_NAME_LEN-1)); + bta_dm_get_remname(), (BD_NAME_LEN)); /* make sure the string is terminated */ - p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; + p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = 0; bta_sys_sendmsg(p_msg); } @@ -2411,10 +2412,10 @@ static void bta_dm_discover_device(BD_ADDR remote_bd_addr) p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), - (char*)bta_dm_search_cb.peer_name, (BD_NAME_LEN-1)); + (char*)bta_dm_search_cb.peer_name, (BD_NAME_LEN)); /* make sure the string is terminated */ - p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; + p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = 0; bta_sys_sendmsg(p_msg); } @@ -2556,12 +2557,12 @@ static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, if (!bdcmp( bta_dm_search_cb.peer_bdaddr, bd_addr)) { rem_name.length = strlen((char*)bd_name); - if (rem_name.length > (BD_NAME_LEN-1)) + if (rem_name.length > (BD_NAME_LEN)) { - rem_name.length = (BD_NAME_LEN-1); - rem_name.remote_bd_name[(BD_NAME_LEN-1)] = 0; + rem_name.length = (BD_NAME_LEN); + rem_name.remote_bd_name[(BD_NAME_LEN)] = 0; } - BCM_STRNCPY_S((char*)rem_name.remote_bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1)); + BCM_STRNCPY_S((char*)rem_name.remote_bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN)); rem_name.status = BTM_SUCCESS; bta_dm_remname_cback(&rem_name); @@ -2655,10 +2656,10 @@ static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NA bdcpy(sec_event.authorize.bd_addr, bd_addr); memcpy(sec_event.authorize.dev_class, dev_class, DEV_CLASS_LEN); - BCM_STRNCPY_S((char*)sec_event.authorize.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1)); + BCM_STRNCPY_S((char*)sec_event.authorize.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN)); /* make sure the string is null terminated */ - sec_event.authorize.bd_name[BD_NAME_LEN-1] = 0; + sec_event.authorize.bd_name[BD_NAME_LEN] = 0; #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE ) sec_event.authorize.service = service_id; @@ -2721,10 +2722,10 @@ static void bta_dm_pinname_cback (void *p_data) if (p_result && p_result->status == BTM_SUCCESS) { - bytes_to_copy = (p_result->length < (BD_NAME_LEN-1)) - ? p_result->length : (BD_NAME_LEN-1); - memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy); - sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0; + bytes_to_copy = (p_result->length < (BD_NAME_LEN)) + ? p_result->length : (BD_NAME_LEN); + memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy); + sec_event.pin_req.bd_name[BD_NAME_LEN] = 0; } else /* No name found */ sec_event.cfm_req.bd_name[0] = 0; @@ -2742,10 +2743,10 @@ static void bta_dm_pinname_cback (void *p_data) if (p_result && p_result->status == BTM_SUCCESS) { - bytes_to_copy = (p_result->length < (BD_NAME_LEN-1)) - ? p_result->length : (BD_NAME_LEN-1); + bytes_to_copy = (p_result->length < (BD_NAME_LEN)) + ? p_result->length : (BD_NAME_LEN); memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name, bytes_to_copy); - sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0; + sec_event.pin_req.bd_name[BD_NAME_LEN] = 0; } else /* No name found */ sec_event.pin_req.bd_name[0] = 0; @@ -2789,8 +2790,8 @@ static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_ bdcpy(sec_event.pin_req.bd_addr, bd_addr); BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class); - BCM_STRNCPY_S((char*)sec_event.pin_req.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1)); - sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0; + BCM_STRNCPY_S((char*)sec_event.pin_req.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN)); + sec_event.pin_req.bd_name[BD_NAME_LEN] = 0; sec_event.pin_req.min_16_digit = min_16_digit; bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event); @@ -2824,8 +2825,8 @@ static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class, bdcpy(p_auth_cmpl->bd_addr, bd_addr); - memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN-1)); - p_auth_cmpl->bd_name[BD_NAME_LEN-1] = 0; + memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN)); + p_auth_cmpl->bd_name[BD_NAME_LEN] = 0; p_auth_cmpl->key_present = TRUE; p_auth_cmpl->key_type = key_type; @@ -2869,8 +2870,8 @@ static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev memset(&sec_event, 0, sizeof(tBTA_DM_SEC)); bdcpy(sec_event.auth_cmpl.bd_addr, bd_addr); - memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN-1)); - sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0; + memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN)); + sec_event.auth_cmpl.bd_name[BD_NAME_LEN] = 0; #if BLE_INCLUDED == TRUE // Report the BR link key based on the BR/EDR address and type @@ -2966,8 +2967,8 @@ static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data) bdcpy(sec_event.key_notif.bd_addr, p_data->cfm_req.bd_addr); BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->cfm_req.dev_class); BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME), - (char*)p_data->cfm_req.bd_name, (BD_NAME_LEN-1)); - sec_event.key_notif.bd_name[BD_NAME_LEN-1] = 0; + (char*)p_data->cfm_req.bd_name, (BD_NAME_LEN)); + sec_event.key_notif.bd_name[BD_NAME_LEN] = 0; } } @@ -3020,8 +3021,8 @@ static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data) bdcpy(sec_event.rmt_oob.bd_addr, p_data->rmt_oob.bd_addr); BTA_COPY_DEVICE_CLASS(sec_event.rmt_oob.dev_class, p_data->rmt_oob.dev_class); - BCM_STRNCPY_S((char*)sec_event.rmt_oob.bd_name, sizeof(BD_NAME), (char*)p_data->rmt_oob.bd_name, (BD_NAME_LEN-1)); - sec_event.rmt_oob.bd_name[BD_NAME_LEN-1] = 0; + BCM_STRNCPY_S((char*)sec_event.rmt_oob.bd_name, sizeof(BD_NAME), (char*)p_data->rmt_oob.bd_name, (BD_NAME_LEN)); + sec_event.rmt_oob.bd_name[BD_NAME_LEN] = 0; bta_dm_cb.p_sec_cback(BTA_DM_SP_RMT_OOB_EVT, &sec_event); @@ -5520,7 +5521,7 @@ static void bta_dm_gatt_disc_result(tBTA_GATT_ID service_id) /* send result back to app now, one by one */ bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr); - BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1)); + BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN)); result.disc_ble_res.bd_name[BD_NAME_LEN] = 0; memcpy(&result.disc_ble_res.service, &service_id.uuid, sizeof(tBT_UUID)); @@ -5565,10 +5566,10 @@ static void bta_dm_gatt_disc_complete(UINT16 conn_id, tBTA_GATT_STATUS status) p_msg->disc_result.result.disc_res.p_uuid_list = NULL; bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), - bta_dm_get_remname(), (BD_NAME_LEN-1)); + bta_dm_get_remname(), (BD_NAME_LEN)); /* make sure the string is terminated */ - p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; + p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = 0; p_msg->disc_result.result.disc_res.device_type |= BT_DEVICE_TYPE_BLE; if ( bta_dm_search_cb.ble_raw_used > 0 ) diff --git a/bta/dm/bta_dm_api.c b/bta/dm/bta_dm_api.c index 061e7ff4a..bbd134d77 100644 --- a/bta/dm/bta_dm_api.c +++ b/bta/dm/bta_dm_api.c @@ -182,8 +182,8 @@ void BTA_DmSetDeviceName(char *p_name) { p_msg->hdr.event = BTA_DM_API_SET_NAME_EVT; /* truncate the name if needed */ - BCM_STRNCPY_S((char*)p_msg->name, sizeof(p_msg->name), p_name, BD_NAME_LEN-1); - p_msg->name[BD_NAME_LEN-1]=0; + BCM_STRNCPY_S((char*)p_msg->name, sizeof(p_msg->name), p_name, BD_NAME_LEN); + p_msg->name[BD_NAME_LEN]=0; bta_sys_sendmsg(p_msg); } |