diff --git a/src/classic/avdtp.c b/src/classic/avdtp.c
index 9427db8a4..527a7d207 100644
--- a/src/classic/avdtp.c
+++ b/src/classic/avdtp.c
@@ -555,11 +555,15 @@ handle_l2cap_data_packet_for_signaling_connection(avdtp_connection_t *connection
 switch (message_type){
 case AVDTP_CMD_MSG:
 offset = avdtp_read_signaling_header(&connection->acceptor_signaling_packet, packet, size);
- avdtp_acceptor_stream_config_subsm(connection, packet, size, offset);
+ if (offset > 0){
+ avdtp_acceptor_stream_config_subsm(connection, packet, size, offset);
+ }
 break;
 default:
- offset = avdtp_read_signaling_header(&connection->initiator_signaling_packet, packet, size);
- avdtp_initiator_stream_config_subsm(connection, packet, size, offset);
+ offset = avdtp_read_signaling_header(&connection->initiator_signaling_packet, packet, size);
+ if (offset > 0) {
+ avdtp_initiator_stream_config_subsm(connection, packet, size, offset);
+ }
 break;
 }
 }
diff --git a/src/classic/avdtp_util.c b/src/classic/avdtp_util.c
index 570fc4ab9..b94acd6ed 100644
--- a/src/classic/avdtp_util.c
+++ b/src/classic/avdtp_util.c
@@ -154,9 +154,10 @@ avdtp_message_type_t avdtp_get_signaling_message_type(uint8_t * packet){
 return (avdtp_message_type_t) (packet[0] & 0x03);
 }
 
+// returns 0 if header incomplete
 int avdtp_read_signaling_header(avdtp_signaling_packet_t * signaling_header, uint8_t * packet, uint16_t size){
 int pos = 0;
- if (size < 2) return pos;
+ if (size < 2) return 0;
 signaling_header->transaction_label = packet[pos] >> 4;
 signaling_header->packet_type = (avdtp_packet_type_t)((packet[pos] >> 2) & 0x03);
 signaling_header->message_type = (avdtp_message_type_t) (packet[pos] & 0x03);
@@ -173,7 +174,7 @@ int avdtp_read_signaling_header(avdtp_signaling_packet_t * signaling_header, uin
 break;
 case AVDTP_START_PACKET:
 signaling_header->num_packets = packet[pos++];
- if (pos < 3) return pos;
+ if (pos < 3) return 0;
 signaling_header->size = 0;
 signaling_header->offset = 0;
 break;
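Review bot: A signaling packet with an incomplete header is now discarded without a trace in both the `AVDTP_CMD_MSG` and `default` branches: nothing is logged, and for a command nothing is sent back, so the remote side would presumably only notice through its own timeout. An `else` branch with a log line such as `log_info("AVDTP signaling header incomplete, size %u", size);` (assuming this file uses the stack's log_info macro, which the hunk does not show) would make truncated or malformed input from a peer visible during triage. The two new guards also differ in spacing, `if (offset > 0){` versus `if (offset > 0) {`; one form should be used for both. The enclosing function starts outside the hunk.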
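Review bot: The new comment above `avdtp_read_signaling_header` names only the failure value, while 0 has become an in-band sentinel that every caller has to test before using the result as an offset. I would spell out the contract, e.g. `// Parses the AVDTP signaling header from packet into signaling_header. Returns the offset of the first byte after the header, or 0 if the packet is too short; callers must check for 0.` (the "offset after the header" reading is inferred from the previous `return pos` and from how avdtp.c passes the value on). Only two call sites are updated in this diff; any other caller not shown here needs the same `> 0` check. The function body continues past the end of the hunk.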
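Review bot: The guard in the `AVDTP_START_PACKET` case, `if (pos < 3) return 0;`, tests the read cursor rather than the packet length, and it runs only after `packet[pos++]` has been read. The lines between the two hunks are not shown, but if `pos` is 1 on entry to this case the condition is always true, so every start packet would now return 0 and be dropped by the new checks in avdtp.c, where it previously returned a non-zero `pos`. The intent was presumably a length check placed before the read: `if (size < 3) return 0;` followed by `signaling_header->num_packets = packet[pos++];`, which would also bound any later header read in this function by the received size. The switch and the rest of the function lie outside the hunk.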