korg/bluez
0
0
Fork 0
mirror of https://git.kernel.org/pub/scm/bluetooth/bluez.git synced 2024-12-11 13:04:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Be more strict about codec capability length checks

Browse Source
This commit is contained in:
Johan Hedberg 2009-02-24 13:30:07 +02:00
parent 9f7089874b
commit f48c24c3d7
1 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
audio/a2dp.c
View File

@ -302,19 +302,27 @@ static gboolean sbc_setconf_ind(struct avdtp *session,
/* Check bipool range */ /* Check bipool range */
for (codec_cap = NULL; caps; caps = g_slist_next(caps)) { for (codec_cap = NULL; caps; caps = g_slist_next(caps)) {
cap = caps->data; cap = caps->data;
if (cap->category == AVDTP_MEDIA_CODEC) { if (cap->category != AVDTP_MEDIA_CODEC)
codec_cap = (void *) cap->data; continue;
if (codec_cap->media_codec_type == A2DP_CODEC_SBC) {
sbc_cap = (void *) codec_cap; if (cap->length < sizeof(struct sbc_codec_cap))
if (sbc_cap->min_bitpool < MIN_BITPOOL || continue;
codec_cap = (void *) cap->data;
if (codec_cap->media_codec_type != A2DP_CODEC_SBC)
continue;
sbc_cap = (void *) codec_cap;
if (sbc_cap->min_bitpool < MIN_BITPOOL ||
sbc_cap->max_bitpool > MAX_BITPOOL) { sbc_cap->max_bitpool > MAX_BITPOOL) {
*err = AVDTP_UNSUPPORTED_CONFIGURATION; *err = AVDTP_UNSUPPORTED_CONFIGURATION;
*category = AVDTP_MEDIA_CODEC; *category = AVDTP_MEDIA_CODEC;
return FALSE; return FALSE;
}
}
break;
} }
break;
} }
avdtp_stream_add_cb(session, stream, stream_state_changed, a2dp_sep); avdtp_stream_add_cb(session, stream, stream_state_changed, a2dp_sep);