From 6276e71fc145cce2872903a6bc6eddee5687de72 Mon Sep 17 00:00:00 2001 From: zhiweijian Date: Mon, 14 Aug 2017 17:39:11 +0800 Subject: [PATCH] Component/bt: add check value and length for esp_ble_gatts_get_attr_value(uint16_t attr_handle, uint16_t *length, const uint8_t **value); --- components/bt/bluedroid/api/esp_gatts_api.c | 8 ++++---- components/bt/bluedroid/api/include/esp_gatts_api.h | 4 ++-- components/bt/bluedroid/bta/gatt/bta_gatts_act.c | 5 +++-- components/bt/bluedroid/bta/gatt/bta_gatts_api.c | 4 ++-- components/bt/bluedroid/bta/include/bta_gatt_api.h | 4 ++-- components/bt/bluedroid/bta/include/bta_gatts_int.h | 2 +- components/bt/bluedroid/btc/profile/std/gatt/btc_gatts.c | 4 ++-- .../bt/bluedroid/btc/profile/std/include/btc_gatts.h | 2 +- components/bt/bluedroid/stack/gatt/gatt_db.c | 8 ++++++++ 9 files changed, 25 insertions(+), 16 deletions(-) diff --git a/components/bt/bluedroid/api/esp_gatts_api.c b/components/bt/bluedroid/api/esp_gatts_api.c index 802256f77..d50db6b96 100644 --- a/components/bt/bluedroid/api/esp_gatts_api.c +++ b/components/bt/bluedroid/api/esp_gatts_api.c @@ -327,13 +327,13 @@ esp_err_t esp_ble_gatts_set_attr_value(uint16_t attr_handle, uint16_t length, co btc_gatts_arg_deep_copy) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL); } -esp_err_t esp_ble_gatts_get_attr_value(uint16_t attr_handle, uint16_t *length, const uint8_t **value) +esp_gatt_status_t esp_ble_gatts_get_attr_value(uint16_t attr_handle, uint16_t *length, const uint8_t **value) { if (attr_handle == ESP_GATT_ILLEGAL_HANDLE) { - return ESP_FAIL; + return ESP_GATT_INVALID_HANDLE; } - btc_gatts_get_attr_value(attr_handle, length, (uint8_t **)value); - return ESP_OK; + + return btc_gatts_get_attr_value(attr_handle, length, (uint8_t **)value); } esp_err_t esp_ble_gatts_open(esp_gatt_if_t gatts_if, esp_bd_addr_t remote_bda, bool is_direct) diff --git a/components/bt/bluedroid/api/include/esp_gatts_api.h b/components/bt/bluedroid/api/include/esp_gatts_api.h index 6bbc370a7..d964ac9b9 100644 --- a/components/bt/bluedroid/api/include/esp_gatts_api.h +++ b/components/bt/bluedroid/api/include/esp_gatts_api.h @@ -514,11 +514,11 @@ esp_err_t esp_ble_gatts_set_attr_value(uint16_t attr_handle, uint16_t length, co * @param[out] value: Pointer to attribute value payload, the value cannot be modified by user * * @return - * - ESP_OK : success + * - ESP_GATT_OK : success * - other : failed * */ -esp_err_t esp_ble_gatts_get_attr_value(uint16_t attr_handle, uint16_t *length, const uint8_t **value); +esp_gatt_status_t esp_ble_gatts_get_attr_value(uint16_t attr_handle, uint16_t *length, const uint8_t **value); /** diff --git a/components/bt/bluedroid/bta/gatt/bta_gatts_act.c b/components/bt/bluedroid/bta/gatt/bta_gatts_act.c index f2c601253..414b1e575 100644 --- a/components/bt/bluedroid/bta/gatt/bta_gatts_act.c +++ b/components/bt/bluedroid/bta/gatt/bta_gatts_act.c @@ -524,9 +524,10 @@ void bta_gatts_set_attr_value(tBTA_GATTS_SRVC_CB *p_srvc_cb, tBTA_GATTS_DATA *p_ } } -void bta_gatts_get_attr_value(UINT16 attr_handle, UINT16 *length, UINT8 **value) +tGATT_STATUS bta_gatts_get_attr_value(UINT16 attr_handle, UINT16 *length, UINT8 **value) { - GATTS_GetAttributeValue(attr_handle, length, value); + + return GATTS_GetAttributeValue(attr_handle, length, value); } /******************************************************************************* diff --git a/components/bt/bluedroid/bta/gatt/bta_gatts_api.c b/components/bt/bluedroid/bta/gatt/bta_gatts_api.c index c56a9fa58..1e7940a85 100644 --- a/components/bt/bluedroid/bta/gatt/bta_gatts_api.c +++ b/components/bt/bluedroid/bta/gatt/bta_gatts_api.c @@ -490,9 +490,9 @@ void BTA_SetAttributeValue(UINT16 attr_handle, UINT16 length, UINT8 *value) } -void BTA_GetAttributeValue(UINT16 attr_handle, UINT16 *length, UINT8 **value) +tBTA_GATT_STATUS BTA_GetAttributeValue(UINT16 attr_handle, UINT16 *length, UINT8 **value) { - bta_gatts_get_attr_value(attr_handle, length, value); + return bta_gatts_get_attr_value(attr_handle, length, value); } /******************************************************************************* diff --git a/components/bt/bluedroid/bta/include/bta_gatt_api.h b/components/bt/bluedroid/bta/include/bta_gatt_api.h index 349c7c6a2..e6dc5e8db 100644 --- a/components/bt/bluedroid/bta/include/bta_gatt_api.h +++ b/components/bt/bluedroid/bta/include/bta_gatt_api.h @@ -1409,10 +1409,10 @@ extern void BTA_SetAttributeValue(UINT16 attr_handle, UINT16 length, UINT8 *valu ** length - the value length which has been set to the attribute. ** value - the pointer to the value ** -** Returns None +** Returns tBTA_GATT_STATUS ** *******************************************************************************/ -extern void BTA_GetAttributeValue(UINT16 attr_handle, UINT16 *length, UINT8 **value); +extern tBTA_GATT_STATUS BTA_GetAttributeValue(UINT16 attr_handle, UINT16 *length, UINT8 **value); /******************************************************************************* ** diff --git a/components/bt/bluedroid/bta/include/bta_gatts_int.h b/components/bt/bluedroid/bta/include/bta_gatts_int.h index 0f9e689ac..03920ddfd 100644 --- a/components/bt/bluedroid/bta/include/bta_gatts_int.h +++ b/components/bt/bluedroid/bta/include/bta_gatts_int.h @@ -230,7 +230,7 @@ extern void bta_gatts_add_include_srvc(tBTA_GATTS_SRVC_CB *p_srvc_cb, tBTA_GATTS extern void bta_gatts_add_char(tBTA_GATTS_SRVC_CB *p_srvc_cb, tBTA_GATTS_DATA *p_msg); extern void bta_gatts_add_char_descr(tBTA_GATTS_SRVC_CB *p_srvc_cb, tBTA_GATTS_DATA *p_msg); extern void bta_gatts_set_attr_value(tBTA_GATTS_SRVC_CB *p_srvc_cb, tBTA_GATTS_DATA *p_msg); -extern void bta_gatts_get_attr_value(UINT16 attr_handle, UINT16 *length, UINT8 **value); +extern tGATT_STATUS bta_gatts_get_attr_value(UINT16 attr_handle, UINT16 *length, UINT8 **value); extern void bta_gatts_delete_service(tBTA_GATTS_SRVC_CB *p_srvc_cb, tBTA_GATTS_DATA *p_msg); extern void bta_gatts_start_service(tBTA_GATTS_SRVC_CB *p_srvc_cb, tBTA_GATTS_DATA *p_msg); extern void bta_gatts_stop_service(tBTA_GATTS_SRVC_CB *p_srvc_cb, tBTA_GATTS_DATA *p_msg); diff --git a/components/bt/bluedroid/btc/profile/std/gatt/btc_gatts.c b/components/bt/bluedroid/btc/profile/std/gatt/btc_gatts.c index bfaa1cb7a..35c6094bf 100644 --- a/components/bt/bluedroid/btc/profile/std/gatt/btc_gatts.c +++ b/components/bt/bluedroid/btc/profile/std/gatt/btc_gatts.c @@ -474,10 +474,10 @@ static esp_gatt_status_t btc_gatts_check_valid_attr_tab(esp_gatts_attr_db_t *gat return ESP_GATT_OK; } -void btc_gatts_get_attr_value(uint16_t attr_handle, uint16_t *length, uint8_t **value) +esp_gatt_status_t btc_gatts_get_attr_value(uint16_t attr_handle, uint16_t *length, uint8_t **value) { - BTA_GetAttributeValue(attr_handle, length, value); + return BTA_GetAttributeValue(attr_handle, length, value); } diff --git a/components/bt/bluedroid/btc/profile/std/include/btc_gatts.h b/components/bt/bluedroid/btc/profile/std/include/btc_gatts.h index 35cf84c5b..00f73875c 100644 --- a/components/bt/bluedroid/btc/profile/std/include/btc_gatts.h +++ b/components/bt/bluedroid/btc/profile/std/include/btc_gatts.h @@ -147,7 +147,7 @@ typedef union { void btc_gatts_call_handler(btc_msg_t *msg); void btc_gatts_cb_handler(btc_msg_t *msg); void btc_gatts_arg_deep_copy(btc_msg_t *msg, void *p_dest, void *p_src); -void btc_gatts_get_attr_value(uint16_t attr_handle, uint16_t *length, uint8_t **value); +esp_gatt_status_t btc_gatts_get_attr_value(uint16_t attr_handle, uint16_t *length, uint8_t **value); #endif /* __BTC_GATTS_H__ */ diff --git a/components/bt/bluedroid/stack/gatt/gatt_db.c b/components/bt/bluedroid/stack/gatt/gatt_db.c index 1fe69e004..26cb5845b 100644 --- a/components/bt/bluedroid/stack/gatt/gatt_db.c +++ b/components/bt/bluedroid/stack/gatt/gatt_db.c @@ -752,6 +752,14 @@ tGATT_STATUS gatts_get_attribute_value(tGATT_SVC_DB *p_db, UINT16 attr_handle, GATT_TRACE_ERROR("gatts_get_attribute_value Fail:p_db->p_attr_list is NULL.\n"); return GATT_INVALID_PDU; } + if (length == NULL){ + GATT_TRACE_ERROR("gatts_get_attribute_value Fail:length is NULL.\n"); + return GATT_INVALID_PDU; + } + if (value == NULL){ + GATT_TRACE_ERROR("gatts_get_attribute_value Fail:value is NULL.\n"); + return GATT_INVALID_PDU; + } p_cur = (tGATT_ATTR16 *) p_db->p_attr_list;