Merge "PDL: Insert the size of the data, not the container"
am: 1b8cfd2199
Change-Id: Id711e8fb03a0166282244471bace54db9005bff4
diff --git a/btcore/src/device_class.cc b/btcore/src/device_class.cc
index 911eeee..1788024 100644
--- a/btcore/src/device_class.cc
+++ b/btcore/src/device_class.cc
@@ -88,7 +88,9 @@
int device_class_to_int(const bt_device_class_t* dc) {
CHECK(dc != NULL);
// Careful with endianess.
- return (int)(le32toh(*(int*)dc) & 0xffffff);
+ int val = 0;
+ memcpy(&val, dc, sizeof(*dc));
+ return static_cast<int>(le32toh(val) & 0xffffff);
}
bool device_class_equals(const bt_device_class_t* p1,
diff --git a/btcore/test/device_class_test.cc b/btcore/test/device_class_test.cc
index 5ce1523..cc1a1fe 100644
--- a/btcore/test/device_class_test.cc
+++ b/btcore/test/device_class_test.cc
@@ -22,9 +22,6 @@
#include "btcore/include/device_class.h"
-// Device Class is 3 bytes.
-static const int DC_MASK = 0xffffff;
-
::testing::AssertionResult check_bitfield(const char* m_expr,
const char* n_expr, int m, int n) {
if (m == n) return ::testing::AssertionSuccess();
@@ -84,8 +81,9 @@
int rc = device_class_to_stream(&dc, dc_stream1, sizeof(dc_stream1));
EXPECT_EQ(3, rc);
- uint32_t* val = (uint32_t*)&dc;
- EXPECT_PRED_FORMAT2(check_bitfield, 0x00000000, *val & 0xffffff);
+ uint32_t val = 0;
+ memcpy(&val, &dc, sizeof(dc));
+ EXPECT_PRED_FORMAT2(check_bitfield, 0x00000000, val);
EXPECT_PRED_FORMAT2(check_bitfield, 0x00, dc_stream1[0]);
EXPECT_PRED_FORMAT2(check_bitfield, 0x00, dc_stream1[1]);
@@ -101,8 +99,9 @@
int rc = device_class_to_stream(&dc, dc_stream1, sizeof(dc_stream1));
EXPECT_EQ(3, rc);
- uint32_t* val = (uint32_t*)&dc;
- EXPECT_PRED_FORMAT2(check_bitfield, 0x00aa55aa, *val & 0xffffff);
+ uint32_t val = 0;
+ memcpy(&val, &dc, sizeof(dc));
+ EXPECT_PRED_FORMAT2(check_bitfield, 0x00aa55aa, val);
EXPECT_PRED_FORMAT2(check_bitfield, 0xaa, dc_stream1[0]);
EXPECT_PRED_FORMAT2(check_bitfield, 0x55, dc_stream1[1]);
@@ -118,8 +117,9 @@
int rc = device_class_to_stream(&dc, dc_stream1, sizeof(dc_stream1));
EXPECT_EQ(3, rc);
- uint32_t* val = (uint32_t*)&dc;
- EXPECT_PRED_FORMAT2(check_bitfield, 0x452301, *val & 0xffffff);
+ uint32_t val = 0;
+ memcpy(&val, &dc, sizeof(dc));
+ EXPECT_PRED_FORMAT2(check_bitfield, 0x452301, val);
EXPECT_PRED_FORMAT2(check_bitfield, 0x01, dc_stream1[0]);
EXPECT_PRED_FORMAT2(check_bitfield, 0x23, dc_stream1[1]);
@@ -131,24 +131,33 @@
uint8_t dc_stream[] = {0x00, 0x00, 0x00};
bt_device_class_t dc;
device_class_from_stream(&dc, dc_stream);
- uint32_t* test = (uint32_t*)&dc;
+ uint32_t test = 0;
+ memcpy(&test, &dc, sizeof(dc));
EXPECT_FALSE(device_class_get_limited(&dc));
- EXPECT_EQ((unsigned)0x00000000, *test & DC_MASK);
+ EXPECT_EQ((unsigned)0x00000000, test);
device_class_set_limited(&dc, true);
+ test = 0;
+ memcpy(&test, &dc, sizeof(dc));
EXPECT_TRUE(device_class_get_limited(&dc));
- EXPECT_EQ((unsigned)0x00002000, *test & DC_MASK);
+ EXPECT_EQ((unsigned)0x00002000, test);
device_class_set_limited(&dc, false);
+ test = 0;
+ memcpy(&test, &dc, sizeof(dc));
EXPECT_FALSE(device_class_get_limited(&dc));
- EXPECT_EQ((unsigned)0x00000000, *test & DC_MASK);
+ EXPECT_EQ((unsigned)0x00000000, test);
device_class_set_limited(&dc, true);
- EXPECT_PRED_FORMAT2(check_bitfield, 0x00002000, *test & DC_MASK);
+ test = 0;
+ memcpy(&test, &dc, sizeof(dc));
+ EXPECT_PRED_FORMAT2(check_bitfield, 0x00002000, test);
device_class_set_limited(&dc, false);
- EXPECT_PRED_FORMAT2(check_bitfield, 0x00000000, *test & DC_MASK);
+ test = 0;
+ memcpy(&test, &dc, sizeof(dc));
+ EXPECT_PRED_FORMAT2(check_bitfield, 0x00000000, test);
}
TEST_F(DeviceClassTest, equals) {
diff --git a/btif/src/btif_dm.cc b/btif/src/btif_dm.cc
index a450c27..5543988 100644
--- a/btif/src/btif_dm.cc
+++ b/btif/src/btif_dm.cc
@@ -973,21 +973,12 @@
/* If JustWorks auto-accept */
if (p_ssp_cfm_req->just_works) {
- /* Pairing consent for JustWorks needed if:
- * 1. Incoming (non-temporary) pairing is detected AND
- * 2. local IO capabilities are DisplayYesNo AND
- * 3. remote IO capabiltiies are DisplayOnly or NoInputNoOutput;
+ /* Pairing consent for JustWorks NOT needed if:
+ * 1. Incoming temporary pairing is detected
*/
- if (is_incoming && pairing_cb.bond_type != BOND_TYPE_TEMPORARY &&
- ((p_ssp_cfm_req->loc_io_caps == HCI_IO_CAP_DISPLAY_YESNO) &&
- (p_ssp_cfm_req->rmt_io_caps == HCI_IO_CAP_DISPLAY_ONLY ||
- p_ssp_cfm_req->rmt_io_caps == HCI_IO_CAP_NO_IO))) {
+ if (is_incoming && pairing_cb.bond_type == BOND_TYPE_TEMPORARY) {
BTIF_TRACE_EVENT(
- "%s: User consent needed for incoming pairing request. loc_io_caps: "
- "%d, rmt_io_caps: %d",
- __func__, p_ssp_cfm_req->loc_io_caps, p_ssp_cfm_req->rmt_io_caps);
- } else {
- BTIF_TRACE_EVENT("%s: Auto-accept JustWorks pairing", __func__);
+ "%s: Auto-accept JustWorks pairing for temporary incoming", __func__);
btif_dm_ssp_reply(&bd_addr, BT_SSP_VARIANT_CONSENT, true, 0);
return;
}
diff --git a/stack/sdp/sdp_discovery.cc b/stack/sdp/sdp_discovery.cc
index 55259ca..baadd7a 100644
--- a/stack/sdp/sdp_discovery.cc
+++ b/stack/sdp/sdp_discovery.cc
@@ -334,11 +334,13 @@
* Description copy the raw data
*
*
- * Returns void
+ * Returns bool
+ * true if successful
+ * false if not copied
*
******************************************************************************/
#if (SDP_RAW_DATA_INCLUDED == TRUE)
-static void sdp_copy_raw_data(tCONN_CB* p_ccb, bool offset) {
+static bool sdp_copy_raw_data(tCONN_CB* p_ccb, bool offset) {
unsigned int cpy_len, rem_len;
uint32_t list_len;
uint8_t* p;
@@ -358,11 +360,11 @@
p = sdpu_get_len_from_type(p, p_end, type, &list_len);
if (p == NULL || (p + list_len) > p_end) {
SDP_TRACE_WARNING("%s: bad length", __func__);
- return;
+ return false;
}
if ((int)cpy_len < (p - old_p)) {
SDP_TRACE_WARNING("%s: no bytes left for data", __func__);
- return;
+ return false;
}
cpy_len -= (p - old_p);
}
@@ -377,6 +379,7 @@
memcpy(&p_ccb->p_db->raw_data[p_ccb->p_db->raw_used], p, cpy_len);
p_ccb->p_db->raw_used += cpy_len;
}
+ return true;
}
#endif
@@ -430,7 +433,11 @@
} else {
#if (SDP_RAW_DATA_INCLUDED == TRUE)
SDP_TRACE_WARNING("process_service_attr_rsp");
- sdp_copy_raw_data(p_ccb, false);
+ if (!sdp_copy_raw_data(p_ccb, false)) {
+ SDP_TRACE_ERROR("sdp_copy_raw_data failed");
+ sdp_disconnect(p_ccb, SDP_ILLEGAL_PARAMETER);
+ }
+
#endif
/* Save the response in the database. Stop on any error */
@@ -632,7 +639,10 @@
#if (SDP_RAW_DATA_INCLUDED == TRUE)
SDP_TRACE_WARNING("process_service_search_attr_rsp");
- sdp_copy_raw_data(p_ccb, true);
+ if (!sdp_copy_raw_data(p_ccb, true)) {
+ SDP_TRACE_ERROR("sdp_copy_raw_data failed");
+ sdp_disconnect(p_ccb, SDP_ILLEGAL_PARAMETER);
+ }
#endif
p = &p_ccb->rsp_list[0];
@@ -647,6 +657,7 @@
p = sdpu_get_len_from_type(p, p + p_ccb->list_len, type, &seq_len);
if (p == NULL || (p + seq_len) > (p + p_ccb->list_len)) {
SDP_TRACE_WARNING("%s: bad length", __func__);
+ sdp_disconnect(p_ccb, SDP_ILLEGAL_PARAMETER);
return;
}
p_end = &p_ccb->rsp_list[p_ccb->list_len];
