From 384b59de91b7ba0cd96b96e864dcd71487decd8b Mon Sep 17 00:00:00 2001 From: Matthias Ringwald Date: Tue, 19 Sep 2017 15:46:18 +0200 Subject: [PATCH] hci: check adv_data len when processing advertisement report. review UNUSED-size --- src/hci.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/src/hci.c b/src/hci.c index 7dd6a9e8c..7ee6b9124 100644 --- a/src/hci.c +++ b/src/hci.c @@ -156,7 +156,7 @@ static int hci_number_free_acl_slots_for_connection_type( bd_addr_type_t addres #ifdef ENABLE_BLE #ifdef ENABLE_LE_CENTRAL // called from test/ble_client/advertising_data_parser.c -void le_handle_advertisement_report(uint8_t *packet, int size); +void le_handle_advertisement_report(uint8_t *packet, uint16_t size); static void hci_remove_from_whitelist(bd_addr_type_t address_type, bd_addr_t address); #endif #endif @@ -961,9 +961,7 @@ void gap_le_get_own_address(uint8_t * addr_type, bd_addr_t addr){ } #ifdef ENABLE_LE_CENTRAL -void le_handle_advertisement_report(uint8_t *packet, int size){ - - UNUSED(size); +void le_handle_advertisement_report(uint8_t *packet, uint16_t size){ int offset = 3; int num_reports = packet[offset]; @@ -972,8 +970,8 @@ void le_handle_advertisement_report(uint8_t *packet, int size){ int i; // log_info("HCI: handle adv report with num reports: %d", num_reports); uint8_t event[12 + LE_ADVERTISING_DATA_SIZE]; // use upper bound to avoid var size automatic var - for (i=0; i