Merge branch 'bugfix/memory_copy_bugs_in_bluedroid' into 'master'

components_bt/bluedroid: Fix Memory Copy Build Err

Closes IDFGH-7871

See merge request espressif/esp-idf!19182
pull/9485/head
Wei Tian Hua 2022-08-01 14:32:39 +08:00
commit aeb9cd267f
11 zmienionych plików z 84 dodań i 101 usunięć

Wyświetl plik

@ -117,9 +117,8 @@ void BTA_AvRegister(tBTA_AV_CHNL chnl, const char *p_service_name, UINT8 app_id,
p_buf->hdr.event = BTA_AV_API_REGISTER_EVT;
if (p_service_name) {
BCM_STRNCPY_S(p_buf->p_service_name, p_service_name, BTA_SERVICE_NAME_LEN);
p_buf->p_service_name[BTA_SERVICE_NAME_LEN - 1] = 0;
} else {
p_buf->p_service_name[0] = 0;
p_buf->p_service_name[0] = '\0';
}
p_buf->app_id = app_id;
p_buf->p_app_data_cback = p_data_cback;
@ -307,9 +306,10 @@ void BTA_AvReconfig(tBTA_AV_HNDL hndl, BOOLEAN suspend, UINT8 sep_info_idx,
p_buf->num_protect = num_protect;
p_buf->suspend = suspend;
p_buf->sep_info_idx = sep_info_idx;
p_buf->p_protect_info = (UINT8 *)(p_buf + 1);
memcpy(p_buf->codec_info, p_codec_info, AVDT_CODEC_SIZE);
memcpy(p_buf->p_protect_info, p_protect_info, num_protect);
if (p_protect_info && num_protect) {
memcpy(p_buf->p_protect_info, p_protect_info, num_protect);
}
bta_sys_sendmsg(p_buf);
}
}

Wyświetl plik

@ -74,21 +74,17 @@ void bta_av_ci_setconfig(tBTA_AV_HNDL hndl, UINT8 err_code, UINT8 category,
{
tBTA_AV_CI_SETCONFIG *p_buf;
if ((p_buf = (tBTA_AV_CI_SETCONFIG *) osi_malloc(sizeof(tBTA_AV_CI_SETCONFIG))) != NULL) {
if ((p_buf = (tBTA_AV_CI_SETCONFIG *) osi_malloc(sizeof(tBTA_AV_CI_SETCONFIG) + num_seid)) != NULL) {
p_buf->hdr.layer_specific = hndl;
p_buf->hdr.event = (err_code == AVDT_SUCCESS) ?
BTA_AV_CI_SETCONFIG_OK_EVT : BTA_AV_CI_SETCONFIG_FAIL_EVT;
p_buf->err_code = err_code;
p_buf->category = category;
p_buf->recfg_needed = recfg_needed;
p_buf->num_seid = num_seid;
p_buf->avdt_handle = avdt_handle;
p_buf->num_seid = num_seid;
if (p_seid && num_seid) {
p_buf->p_seid = (UINT8 *)(p_buf + 1);
memcpy(p_buf->p_seid, p_seid, num_seid);
} else {
p_buf->p_seid = NULL;
p_buf->num_seid = 0;
}
bta_sys_sendmsg(p_buf);

Wyświetl plik

@ -474,6 +474,7 @@ static void bta_av_api_sink_enable(tBTA_AV_DATA *p_data)
APPL_TRACE_DEBUG("bta_av_api_sink_enable %d \n", activate_sink)
char p_service_name[BTA_SERVICE_NAME_LEN + 1];
BCM_STRNCPY_S(p_service_name, BTIF_AVK_SERVICE_NAME, BTA_SERVICE_NAME_LEN);
p_service_name[BTA_SERVICE_NAME_LEN] = '\0';
if (activate_sink) {
AVDT_SINK_Activate();
@ -537,6 +538,7 @@ static void bta_av_api_register(tBTA_AV_DATA *p_data)
UINT8 index = 0;
char p_avk_service_name[BTA_SERVICE_NAME_LEN + 1];
BCM_STRNCPY_S(p_avk_service_name, BTIF_AVK_SERVICE_NAME, BTA_SERVICE_NAME_LEN);
p_avk_service_name[BTA_SERVICE_NAME_LEN] = '\0';
memset(&cs, 0, sizeof(tAVDT_CS));

Wyświetl plik

@ -264,10 +264,10 @@ typedef struct {
typedef struct {
BT_HDR hdr;
UINT8 codec_info[AVDT_CODEC_SIZE]; /* codec configuration */
UINT8 *p_protect_info;
UINT8 num_protect;
BOOLEAN suspend;
UINT8 sep_info_idx;
UINT8 num_protect;
UINT8 p_protect_info[0];
} tBTA_AV_API_RCFG;
/* data type for BTA_AV_CI_SETCONFIG_OK_EVT and BTA_AV_CI_SETCONFIG_FAIL_EVT */
@ -276,10 +276,10 @@ typedef struct {
tBTA_AV_HNDL hndl;
UINT8 err_code;
UINT8 category;
UINT8 num_seid;
UINT8 *p_seid;
BOOLEAN recfg_needed;
UINT8 avdt_handle; /* local sep type for which this stream will be set up */
UINT8 num_seid;
UINT8 p_seid[0];
} tBTA_AV_CI_SETCONFIG;
/* data type for all stream events from AVDTP */

Wyświetl plik

@ -705,7 +705,7 @@ static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr, tBT_TRANSPORT tr
APPL_TRACE_DEBUG("bta_dm_read_remote_device_name");
bdcpy(bta_dm_search_cb.peer_bdaddr, bd_addr);
bta_dm_search_cb.peer_name[0] = 0;
bta_dm_search_cb.peer_name[0] = '\0';
btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr,
(tBTM_CMPL_CB *) bta_dm_remname_cback,
@ -743,7 +743,7 @@ void bta_dm_read_rmt_name(tBTA_DM_MSG *p_data)
{
APPL_TRACE_DEBUG("%s",__func__);
bdcpy(bta_dm_search_cb.peer_bdaddr, p_data->get_rmt_name.rmt_addr);
bta_dm_search_cb.peer_name[0] = 0;
bta_dm_search_cb.peer_name[0] = '\0';
tBTM_STATUS btm_status = BTM_ReadRemoteDeviceName(bta_dm_search_cb.peer_bdaddr,
(tBTM_CMPL_CB *) p_data->get_rmt_name.rmt_name_cb,
@ -1621,7 +1621,7 @@ void bta_dm_discover (tBTA_DM_MSG *p_data)
bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
bta_dm_search_cb.service_index = 0;
bta_dm_search_cb.services_found = 0;
bta_dm_search_cb.peer_name[0] = 0;
bta_dm_search_cb.peer_name[0] = '\0';
bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
bta_dm_search_cb.p_btm_inq_info = BTM_InqDbRead (p_data->discover.bd_addr);
bta_dm_search_cb.transport = p_data->discover.transport;
@ -1896,8 +1896,8 @@ void bta_dm_sdp_result (tBTA_DM_MSG *p_data)
if (SDP_FindServiceUUIDInRec(p_sdp_rec, &service_uuid)) {
/* send result back to app now, one by one */
bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
BCM_STRNCPY_S((char *)result.disc_ble_res.bd_name, bta_dm_get_remname(), (BD_NAME_LEN));
result.disc_ble_res.bd_name[BD_NAME_LEN] = 0;
BCM_STRNCPY_S((char *)result.disc_ble_res.bd_name, bta_dm_get_remname(), BD_NAME_LEN);
result.disc_ble_res.bd_name[BD_NAME_LEN] = '\0';
result.disc_ble_res.service.len = service_uuid.len;
result.disc_ble_res.service.uu.uuid16 = service_uuid.uu.uuid16;
@ -2037,10 +2037,8 @@ void bta_dm_sdp_result (tBTA_DM_MSG *p_data)
}
bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
BCM_STRNCPY_S((char *)p_msg->disc_result.result.disc_res.bd_name, bta_dm_get_remname(), (BD_NAME_LEN - 1));
/* make sure the string is null terminated */
p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)p_msg->disc_result.result.disc_res.bd_name, bta_dm_get_remname(), BD_NAME_LEN);
p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = '\0';
bta_sys_sendmsg(p_msg);
}
@ -2063,10 +2061,8 @@ void bta_dm_sdp_result (tBTA_DM_MSG *p_data)
p_msg->disc_result.result.disc_res.result = BTA_FAILURE;
p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
BCM_STRNCPY_S((char *)p_msg->disc_result.result.disc_res.bd_name,bta_dm_get_remname(), (BD_NAME_LEN - 1));
/* make sure the string is null terminated */
p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)p_msg->disc_result.result.disc_res.bd_name, bta_dm_get_remname(), BD_NAME_LEN);
p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = '\0';
bta_sys_sendmsg(p_msg);
}
@ -2447,10 +2443,8 @@ static void bta_dm_find_services ( BD_ADDR bd_addr)
p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
BCM_STRNCPY_S((char *)p_msg->disc_result.result.disc_res.bd_name,bta_dm_get_remname(), (BD_NAME_LEN - 1));
/* make sure the string is terminated */
p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)p_msg->disc_result.result.disc_res.bd_name,bta_dm_get_remname(), BD_NAME_LEN);
p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = '\0';
bta_sys_sendmsg(p_msg);
}
@ -2632,10 +2626,8 @@ static void bta_dm_discover_device(BD_ADDR remote_bd_addr)
p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
BCM_STRNCPY_S((char *)p_msg->disc_result.result.disc_res.bd_name,(char *)bta_dm_search_cb.peer_name, (BD_NAME_LEN - 1));
/* make sure the string is terminated */
p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)p_msg->disc_result.result.disc_res.bd_name, bta_dm_get_remname(), BD_NAME_LEN);
p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = '\0';
bta_sys_sendmsg(p_msg);
}
@ -2772,11 +2764,11 @@ static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc,
/* if this is what we are looking for */
if (!bdcmp( bta_dm_search_cb.peer_bdaddr, bd_addr)) {
rem_name.length = strlen((char *)bd_name);
if (rem_name.length > (BD_NAME_LEN - 1)) {
rem_name.length = (BD_NAME_LEN - 1);
rem_name.remote_bd_name[(BD_NAME_LEN - 1)] = 0;
if (rem_name.length > BD_NAME_LEN) {
rem_name.length = BD_NAME_LEN;
}
BCM_STRNCPY_S((char *)rem_name.remote_bd_name, (char *)bd_name, (BD_NAME_LEN - 1));
BCM_STRNCPY_S((char *)rem_name.remote_bd_name, (char *)bd_name, BD_NAME_LEN);
rem_name.remote_bd_name[BD_NAME_LEN] = '\0';
rem_name.status = BTM_SUCCESS;
bta_dm_remname_cback(&rem_name);
@ -2793,7 +2785,7 @@ static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc,
APPL_TRACE_WARNING("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status);
rem_name.length = 0;
rem_name.remote_bd_name[0] = 0;
rem_name.remote_bd_name[0] = '\0';
rem_name.status = btm_status;
bta_dm_remname_cback(&rem_name);
}
@ -2818,8 +2810,8 @@ static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name)
p_remote_name->remote_bd_name);
/* remote name discovery is done but it could be failed */
bta_dm_search_cb.name_discover_done = TRUE;
BCM_STRNCPY_S((char *)bta_dm_search_cb.peer_name, (char *)p_remote_name->remote_bd_name, (BD_NAME_LEN));
bta_dm_search_cb.peer_name[BD_NAME_LEN] = 0;
BCM_STRNCPY_S((char *)bta_dm_search_cb.peer_name, (char *)p_remote_name->remote_bd_name, BD_NAME_LEN);
bta_dm_search_cb.peer_name[BD_NAME_LEN] = '\0';
BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
@ -2831,10 +2823,8 @@ static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name)
if ((p_msg = (tBTA_DM_REM_NAME *) osi_malloc(sizeof(tBTA_DM_REM_NAME))) != NULL) {
bdcpy (p_msg->result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
BCM_STRNCPY_S((char *)p_msg->result.disc_res.bd_name, (char *)p_remote_name->remote_bd_name, (BD_NAME_LEN));
/* make sure the string is null terminated */
p_msg->result.disc_res.bd_name[BD_NAME_LEN] = 0;
BCM_STRNCPY_S((char *)p_msg->result.disc_res.bd_name, (char *)p_remote_name->remote_bd_name, BD_NAME_LEN);
p_msg->result.disc_res.bd_name[BD_NAME_LEN] = '\0';
p_msg->hdr.event = BTA_DM_REMT_NAME_EVT;
bta_sys_sendmsg(p_msg);
@ -2862,10 +2852,8 @@ static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NA
bdcpy(sec_event.authorize.bd_addr, bd_addr);
memcpy(sec_event.authorize.dev_class, dev_class, DEV_CLASS_LEN);
BCM_STRNCPY_S((char *)sec_event.authorize.bd_name, (char *)bd_name, (BD_NAME_LEN - 1));
/* make sure the string is null terminated */
sec_event.authorize.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)sec_event.authorize.bd_name, (char *)bd_name, BD_NAME_LEN);
sec_event.authorize.bd_name[BD_NAME_LEN] = '\0';
#if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE )
sec_event.authorize.service = service_id;
@ -2911,7 +2899,6 @@ static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NA
{
tBTM_REMOTE_DEV_NAME *p_result = (tBTM_REMOTE_DEV_NAME *)p_data;
tBTA_DM_SEC sec_event;
UINT32 bytes_to_copy;
tBTA_DM_SEC_EVT event = bta_dm_cb.pin_evt;
if (BTA_DM_SP_CFM_REQ_EVT == event) {
@ -2920,12 +2907,10 @@ static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NA
BTA_COPY_DEVICE_CLASS(sec_event.cfm_req.dev_class, bta_dm_cb.pin_dev_class);
if (p_result && p_result->status == BTM_SUCCESS) {
bytes_to_copy = (p_result->length < (BD_NAME_LEN - 1))
? p_result->length : (BD_NAME_LEN - 1);
memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
sec_event.pin_req.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)sec_event.cfm_req.bd_name, (char *)p_result->remote_bd_name, BD_NAME_LEN);
sec_event.pin_req.bd_name[BD_NAME_LEN] = '\0';
} else { /* No name found */
sec_event.cfm_req.bd_name[0] = 0;
sec_event.cfm_req.bd_name[0] = '\0';
}
sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */
@ -2938,12 +2923,10 @@ static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NA
BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, bta_dm_cb.pin_dev_class);
if (p_result && p_result->status == BTM_SUCCESS) {
bytes_to_copy = (p_result->length < (BD_NAME_LEN - 1))
? p_result->length : (BD_NAME_LEN - 1);
memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
sec_event.pin_req.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)sec_event.pin_req.bd_name, (char *)p_result->remote_bd_name, BD_NAME_LEN);
sec_event.pin_req.bd_name[BD_NAME_LEN] = '\0';
} else { /* No name found */
sec_event.pin_req.bd_name[0] = 0;
sec_event.pin_req.bd_name[0] = '\0';
}
event = bta_dm_cb.pin_evt;
@ -2976,8 +2959,8 @@ static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_
bdcpy(sec_event.pin_req.bd_addr, bd_addr);
BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class);
BCM_STRNCPY_S((char *)sec_event.pin_req.bd_name, (char *)bd_name, (BD_NAME_LEN - 1));
sec_event.pin_req.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)sec_event.pin_req.bd_name, (char *)bd_name, BD_NAME_LEN);
sec_event.pin_req.bd_name[BD_NAME_LEN] = '\0';
sec_event.pin_req.min_16_digit = min_16_digit;
bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event);
@ -3151,8 +3134,8 @@ static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data)
copy these values into key_notif from cfm_req */
bdcpy(sec_event.key_notif.bd_addr, p_data->cfm_req.bd_addr);
BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->cfm_req.dev_class);
BCM_STRNCPY_S((char *)sec_event.key_notif.bd_name, (char *)p_data->cfm_req.bd_name, (BD_NAME_LEN - 1));
sec_event.key_notif.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)sec_event.key_notif.bd_name, (char *)p_data->cfm_req.bd_name, BD_NAME_LEN);
sec_event.key_notif.bd_name[BD_NAME_LEN] = '\0';
}
}
@ -3172,8 +3155,8 @@ static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data)
} else {
bdcpy(sec_event.key_notif.bd_addr, p_data->key_notif.bd_addr);
BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->key_notif.dev_class);
BCM_STRNCPY_S((char *)sec_event.key_notif.bd_name, (char *)p_data->key_notif.bd_name, (BD_NAME_LEN - 1));
sec_event.key_notif.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)sec_event.key_notif.bd_name, (char *)p_data->key_notif.bd_name, BD_NAME_LEN);
sec_event.key_notif.bd_name[BD_NAME_LEN] = '\0';
}
}
@ -3193,8 +3176,8 @@ static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data)
} else {
bdcpy(sec_event.key_notif.bd_addr, p_data->key_notif.bd_addr);
BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->key_notif.dev_class);
BCM_STRNCPY_S((char *)sec_event.key_notif.bd_name,(char *)p_data->key_notif.bd_name, (BD_NAME_LEN - 1));
sec_event.key_notif.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)sec_event.key_notif.bd_name,(char *)p_data->key_notif.bd_name, BD_NAME_LEN);
sec_event.key_notif.bd_name[BD_NAME_LEN] = '\0';
}
}
bta_dm_cb.p_sec_cback(pin_evt, &sec_event);
@ -3222,8 +3205,8 @@ static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data)
bdcpy(sec_event.rmt_oob.bd_addr, p_data->rmt_oob.bd_addr);
BTA_COPY_DEVICE_CLASS(sec_event.rmt_oob.dev_class, p_data->rmt_oob.dev_class);
BCM_STRNCPY_S((char *)sec_event.rmt_oob.bd_name, (char *)p_data->rmt_oob.bd_name, (BD_NAME_LEN - 1));
sec_event.rmt_oob.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)sec_event.rmt_oob.bd_name, (char *)p_data->rmt_oob.bd_name, BD_NAME_LEN);
sec_event.rmt_oob.bd_name[BD_NAME_LEN] = '\0';
bta_dm_cb.p_sec_cback(BTA_DM_SP_RMT_OOB_EVT, &sec_event);
@ -4656,11 +4639,11 @@ static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_D
bdcpy(sec_event.ble_req.bd_addr, bda);
p_name = BTM_SecReadDevName(bda);
if (p_name != NULL) {
BCM_STRNCPY_S((char *)sec_event.ble_req.bd_name,p_name, (BD_NAME_LEN));
BCM_STRNCPY_S((char *)sec_event.ble_req.bd_name, p_name, BD_NAME_LEN);
sec_event.ble_req.bd_name[BD_NAME_LEN] = '\0';
} else {
sec_event.ble_req.bd_name[0] = 0;
sec_event.ble_req.bd_name[0] = '\0';
}
sec_event.ble_req.bd_name[BD_NAME_LEN] = 0;
bta_dm_cb.p_sec_cback(BTA_DM_BLE_SEC_REQ_EVT, &sec_event);
break;
@ -4668,11 +4651,11 @@ static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_D
bdcpy(sec_event.key_notif.bd_addr, bda);
p_name = BTM_SecReadDevName(bda);
if (p_name != NULL) {
BCM_STRNCPY_S((char *)sec_event.key_notif.bd_name, p_name, (BD_NAME_LEN));
BCM_STRNCPY_S((char *)sec_event.key_notif.bd_name, p_name, BD_NAME_LEN);
sec_event.key_notif.bd_name[BD_NAME_LEN] = '\0';
} else {
sec_event.key_notif.bd_name[0] = 0;
sec_event.key_notif.bd_name[0] = '\0';
}
sec_event.ble_req.bd_name[BD_NAME_LEN] = 0;
sec_event.key_notif.passkey = p_data->key_notif;
bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_NOTIF_EVT, &sec_event);
break;
@ -4689,8 +4672,8 @@ static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_D
case BTM_LE_NC_REQ_EVT:
bdcpy(sec_event.key_notif.bd_addr, bda);
BCM_STRNCPY_S((char *)sec_event.key_notif.bd_name,bta_dm_get_remname(), (BD_NAME_LEN));
sec_event.ble_req.bd_name[BD_NAME_LEN] = 0;
BCM_STRNCPY_S((char *)sec_event.key_notif.bd_name,bta_dm_get_remname(), BD_NAME_LEN);
sec_event.key_notif.bd_name[BD_NAME_LEN] = '\0';
sec_event.key_notif.passkey = p_data->key_notif;
bta_dm_cb.p_sec_cback(BTA_DM_BLE_NC_REQ_EVT, &sec_event);
break;
@ -4709,9 +4692,10 @@ static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_D
#endif
p_name = BTM_SecReadDevName(bda);
if (p_name != NULL) {
BCM_STRNCPY_S((char *)sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN));
BCM_STRNCPY_S((char *)sec_event.auth_cmpl.bd_name, p_name, BD_NAME_LEN);
sec_event.auth_cmpl.bd_name[BD_NAME_LEN] = '\0';
} else {
sec_event.auth_cmpl.bd_name[0] = 0;
sec_event.auth_cmpl.bd_name[0] = '\0';
}
if (p_data->complt.reason != 0) {
sec_event.auth_cmpl.fail_reason = BTA_DM_AUTH_CONVERT_SMP_CODE(((UINT8)p_data->complt.reason));
@ -6197,8 +6181,8 @@ static void bta_dm_gatt_disc_result(tBTA_GATT_ID service_id)
/* send result back to app now, one by one */
bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
BCM_STRNCPY_S((char *)result.disc_ble_res.bd_name, bta_dm_get_remname(), (BD_NAME_LEN - 1));
result.disc_ble_res.bd_name[BD_NAME_LEN] = 0;
BCM_STRNCPY_S((char *)result.disc_ble_res.bd_name, bta_dm_get_remname(), BD_NAME_LEN);
result.disc_ble_res.bd_name[BD_NAME_LEN] = '\0';
memcpy(&result.disc_ble_res.service, &service_id.uuid, sizeof(tBT_UUID));
bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result);
@ -6240,10 +6224,8 @@ static void bta_dm_gatt_disc_complete(UINT16 conn_id, tBTA_GATT_STATUS status)
p_msg->disc_result.result.disc_res.num_uuids = 0;
p_msg->disc_result.result.disc_res.p_uuid_list = NULL;
bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
BCM_STRNCPY_S((char *)p_msg->disc_result.result.disc_res.bd_name,bta_dm_get_remname(), (BD_NAME_LEN - 1));
/* make sure the string is terminated */
p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)p_msg->disc_result.result.disc_res.bd_name, bta_dm_get_remname(), BD_NAME_LEN);
p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN] = '\0';
p_msg->disc_result.result.disc_res.device_type |= BT_DEVICE_TYPE_BLE;
if ( bta_dm_search_cb.ble_raw_used > 0 ) {

Wyświetl plik

@ -174,8 +174,8 @@ void BTA_DmSetDeviceName(const char *p_name)
if ((p_msg = (tBTA_DM_API_SET_NAME *) osi_malloc(sizeof(tBTA_DM_API_SET_NAME))) != NULL) {
p_msg->hdr.event = BTA_DM_API_SET_NAME_EVT;
/* truncate the name if needed */
BCM_STRNCPY_S((char *)p_msg->name, p_name, BD_NAME_LEN - 1);
p_msg->name[BD_NAME_LEN - 1] = 0;
BCM_STRNCPY_S((char *)p_msg->name, p_name, BD_NAME_LEN);
p_msg->name[BD_NAME_LEN] = '\0';
bta_sys_sendmsg(p_msg);
}

Wyświetl plik

@ -123,9 +123,9 @@ void BTA_AgRegister(tBTA_SERVICE_MASK services, tBTA_SEC sec_mask,tBTA_AG_FEAT f
for (i = 0; i < BTA_AG_NUM_IDX; i++) {
if(p_service_names[i]) {
BCM_STRNCPY_S(p_buf->p_name[i], p_service_names[i], BTA_SERVICE_NAME_LEN);
p_buf->p_name[i][BTA_SERVICE_NAME_LEN] = 0;
p_buf->p_name[i][BTA_SERVICE_NAME_LEN] = '\0';
} else {
p_buf->p_name[i][0] = 0;
p_buf->p_name[i][0] = '\0';
}
}
bta_sys_sendmsg(p_buf);

Wyświetl plik

@ -798,7 +798,7 @@ void bta_ag_at_hsp_cback(tBTA_AG_SCB *p_scb, UINT16 cmd, UINT8 arg_type,
val.hdr.app_id = p_scb->app_id;
val.num = (UINT16) int_arg;
BCM_STRNCPY_S(val.str, p_arg, BTA_AG_AT_MAX_LEN);
val.str[BTA_AG_AT_MAX_LEN] = 0;
val.str[BTA_AG_AT_MAX_LEN] = '\0';
/* call callback with event */
(*bta_ag_cb.p_cback)(bta_ag_hsp_cb_evt[cmd], (tBTA_AG *) &val);
}
@ -836,7 +836,7 @@ void bta_ag_at_hfp_cback(tBTA_AG_SCB *p_scb, UINT16 cmd, UINT8 arg_type,
val.num = int_arg;
bdcpy(val.bd_addr, p_scb->peer_addr);
BCM_STRNCPY_S(val.str, p_arg, BTA_AG_AT_MAX_LEN);
val.str[BTA_AG_AT_MAX_LEN] = 0;
val.str[BTA_AG_AT_MAX_LEN] = '\0';
event = bta_ag_hfp_cb_evt[cmd];
switch (cmd)
@ -1212,7 +1212,7 @@ void bta_ag_at_err_cback(tBTA_AG_SCB *p_scb, BOOLEAN unknown, char *p_arg)
val.hdr.app_id = p_scb->app_id;
val.num = 0;
BCM_STRNCPY_S(val.str, p_arg, BTA_AG_AT_MAX_LEN);
val.str[BTA_AG_AT_MAX_LEN] = 0;
val.str[BTA_AG_AT_MAX_LEN] = '\0';
(*bta_ag_cb.p_cback)(BTA_AG_AT_UNAT_EVT, (tBTA_AG *) &val);
} else {
bta_ag_send_error(p_scb, BTA_AG_ERR_OP_NOT_SUPPORTED);
@ -1357,7 +1357,7 @@ void bta_ag_hfp_result(tBTA_AG_SCB *p_scb, tBTA_AG_API_RESULT *p_result)
}
}
APPL_TRACE_DEBUG("CLIP type :%d", p_result->data.num);
p_scb->clip[0] = 0;
p_scb->clip[0] = '\0';
if (p_result->data.str[0] != 0) {
snprintf(p_scb->clip, sizeof(p_scb->clip), "%s,%d", p_result->data.str, p_result->data.num);
}

Wyświetl plik

@ -142,7 +142,7 @@ void BTA_HfClientRegister(tBTA_SEC sec_mask, tBTA_HF_CLIENT_FEAT features,
p_buf->sec_mask = sec_mask;
if (p_service_name) {
BCM_STRNCPY_S(p_buf->name, p_service_name, BTA_SERVICE_NAME_LEN);
p_buf->name[BTA_SERVICE_NAME_LEN] = 0;
p_buf->name[BTA_SERVICE_NAME_LEN] = '\0';
} else {
p_buf->name[0] = '\0';
}

Wyświetl plik

@ -2304,7 +2304,7 @@ void btm_process_remote_name (BD_ADDR bda, BD_NAME bdn, UINT16 evt_len, UINT8 hc
else {
rem_name.status = BTM_BAD_VALUE_RET;
rem_name.length = 0;
rem_name.remote_bd_name[0] = 0;
rem_name.remote_bd_name[0] = '\0';
}
memcpy(rem_name.bd_addr, p_inq->remname_bda, BD_ADDR_LEN);
/* Reset the remote BAD to zero and call callback if possible */

Wyświetl plik

@ -592,6 +592,7 @@ static BOOLEAN btm_sec_set_security_level (CONNECTION_TYPE conn_type, const char
p_srec->orig_mx_chan_id = mx_chan_id;
#if BTM_SEC_SERVICE_NAME_LEN > 0
BCM_STRNCPY_S ((char *)p_srec->orig_service_name, p_name, BTM_SEC_SERVICE_NAME_LEN);
p_srec->orig_service_name[BTM_SEC_SERVICE_NAME_LEN] = '\0';
#endif
/* clear out the old setting, just in case it exists */
#if (L2CAP_UCD_INCLUDED == TRUE)
@ -637,6 +638,7 @@ static BOOLEAN btm_sec_set_security_level (CONNECTION_TYPE conn_type, const char
p_srec->term_mx_chan_id = mx_chan_id;
#if BTM_SEC_SERVICE_NAME_LEN > 0
BCM_STRNCPY_S ((char *)p_srec->term_service_name, p_name, BTM_SEC_SERVICE_NAME_LEN);
p_srec->term_service_name[BTM_SEC_SERVICE_NAME_LEN] = '\0';
#endif
/* clear out the old setting, just in case it exists */
#if (L2CAP_UCD_INCLUDED == TRUE)
@ -3031,11 +3033,12 @@ void btm_sec_rmt_name_request_complete (UINT8 *p_bd_addr, UINT8 *p_bd_name, UINT
old_sec_state = p_dev_rec->sec_state;
if (status == HCI_SUCCESS) {
BCM_STRNCPY_S ((char *)p_dev_rec->sec_bd_name, (char *)p_bd_name, BTM_MAX_REM_BD_NAME_LEN);
p_dev_rec->sec_bd_name[BTM_MAX_REM_BD_NAME_LEN] = '\0';
p_dev_rec->sec_flags |= BTM_SEC_NAME_KNOWN;
BTM_TRACE_EVENT ("setting BTM_SEC_NAME_KNOWN sec_flags:0x%x\n", p_dev_rec->sec_flags);
} else {
/* Notify all clients waiting for name to be resolved even if it failed so clients can continue */
p_dev_rec->sec_bd_name[0] = 0;
p_dev_rec->sec_bd_name[0] = '\0';
}
if (p_dev_rec->sec_state == BTM_SEC_STATE_GETTING_NAME) {
@ -3755,7 +3758,7 @@ void btm_rem_oob_req (UINT8 *p)
memcpy (evt_data.bd_addr, p_dev_rec->bd_addr, BD_ADDR_LEN);
memcpy (evt_data.dev_class, p_dev_rec->dev_class, DEV_CLASS_LEN);
BCM_STRNCPY_S((char *)evt_data.bd_name, (char *)p_dev_rec->sec_bd_name, BTM_MAX_REM_BD_NAME_LEN);
evt_data.bd_name[BTM_MAX_REM_BD_NAME_LEN] = 0;
evt_data.bd_name[BTM_MAX_REM_BD_NAME_LEN] = '\0';
btm_sec_change_pairing_state(BTM_PAIR_STATE_WAIT_LOCAL_OOB_RSP);
if ((*btm_cb.api.p_sp_callback) (BTM_SP_RMT_OOB_EVT, (tBTM_SP_EVT_DATA *)&evt_data) == BTM_NOT_AUTHORIZED) {
@ -4903,7 +4906,7 @@ static void btm_sec_pairing_timeout (TIMER_LIST_ENT *p_tle)
/* We need to notify the UI that no longer need the PIN */
if (btm_cb.api.p_auth_complete_callback) {
if (p_dev_rec == NULL) {
name[0] = 0;
name[0] = '\0';
(*btm_cb.api.p_auth_complete_callback) (p_cb->pairing_bda,
NULL,
name, HCI_ERR_CONNECTION_TOUT);
@ -4963,7 +4966,7 @@ static void btm_sec_pairing_timeout (TIMER_LIST_ENT *p_tle)
btm_sec_change_pairing_state (BTM_PAIR_STATE_IDLE);
if (btm_cb.api.p_auth_complete_callback) {
if (p_dev_rec == NULL) {
name[0] = 0;
name[0] = '\0';
(*btm_cb.api.p_auth_complete_callback) (p_cb->pairing_bda,
NULL,
name, HCI_ERR_CONNECTION_TOUT);