korg/bluez
0
0
Fork 0
mirror of https://git.kernel.org/pub/scm/bluetooth/bluez.git synced 2025-01-24 13:23:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

android/hal-sock: Check uuid before dereference

Browse Source 
uuid might be NULL and channel might be specified which makes it
valid case for Android. This adds check for uuid and service name.
This commit is contained in:
Andrei Emeltchenko 2013-11-26 16:05:49 +02:00 committed by Johan Hedberg
parent cc38f090de
commit 7c48f46ed1
1 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
android/hal-sock.c
View File

@ -34,12 +34,17 @@ static bt_status_t sock_listen_rfcomm(const char *service_name,
DBG("");
memset(&cmd, 0, sizeof(cmd));
cmd.flags = flags;
cmd.type = BTSOCK_RFCOMM;
cmd.channel = chan;
memcpy(cmd.uuid, uuid, sizeof(cmd.uuid));
memset(cmd.name, 0, sizeof(cmd.name));
memcpy(cmd.name, service_name, strlen(service_name));
if (uuid)
memcpy(cmd.uuid, uuid, sizeof(cmd.uuid));
if (service_name)
memcpy(cmd.name, service_name, strlen(service_name));
return hal_ipc_cmd(HAL_SERVICE_ID_SOCK, HAL_OP_SOCK_LISTEN,
sizeof(cmd), &cmd, NULL, NULL, sock);
@ -90,10 +95,15 @@ static bt_status_t sock_connect(const bt_bdaddr_t *bdaddr, btsock_type_t type,
return BT_STATUS_UNSUPPORTED;
}
memset(&cmd, 0, sizeof(cmd));
cmd.flags = flags;
cmd.type = type;
cmd.channel = chan;
memcpy(cmd.uuid, uuid, sizeof(cmd.uuid));
if (uuid)
memcpy(cmd.uuid, uuid, sizeof(cmd.uuid));
memcpy(cmd.bdaddr, bdaddr, sizeof(cmd.bdaddr));
return hal_ipc_cmd(HAL_SERVICE_ID_SOCK, HAL_OP_SOCK_CONNECT,