diff --git a/components/bt/bluedroid/bta/gatt/bta_gattc_act.c b/components/bt/bluedroid/bta/gatt/bta_gattc_act.c index acb7650b00..724509d483 100644 --- a/components/bt/bluedroid/bta/gatt/bta_gattc_act.c +++ b/components/bt/bluedroid/bta/gatt/bta_gattc_act.c @@ -488,9 +488,14 @@ void bta_gattc_open(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data) { tBTA_GATTC_DATA gattc_data; BOOLEAN found_app = FALSE; + tGATT_TCB *p_tcb; - tGATT_TCB *p_tcb = gatt_find_tcb_by_addr(p_data->api_conn.remote_bda, BT_TRANSPORT_LE); - if(p_tcb && p_clcb && p_data) { + if (!p_clcb || !p_data) { + return; + } + + p_tcb = gatt_find_tcb_by_addr(p_data->api_conn.remote_bda, BT_TRANSPORT_LE); + if(p_tcb) { found_app = gatt_find_specific_app_in_hold_link(p_tcb, p_clcb->p_rcb->client_if); } /* open/hold a connection */ diff --git a/components/bt/bluedroid/bta/gatt/bta_gattc_api.c b/components/bt/bluedroid/bta/gatt/bta_gattc_api.c index d75c5a96a5..20f6438855 100644 --- a/components/bt/bluedroid/bta/gatt/bta_gattc_api.c +++ b/components/bt/bluedroid/bta/gatt/bta_gattc_api.c @@ -298,7 +298,7 @@ void BTA_GATTC_ServiceSearchRequest (UINT16 conn_id, tBT_UUID *p_srvc_uuid) ** Returns returns list_t of tBTA_GATTC_SERVICE or NULL. ** *******************************************************************************/ -const list_t* BTA_GATTC_GetServices(UINT16 conn_id) +const list_t* BTA_GATTC_GetServices(UINT16 conn_id) { return bta_gattc_get_services(conn_id); } @@ -315,7 +315,7 @@ const list_t* BTA_GATTC_GetServices(UINT16 conn_id) ** Returns returns pointer to tBTA_GATTC_CHARACTERISTIC or NULL. ** *******************************************************************************/ -const tBTA_GATTC_CHARACTERISTIC* BTA_GATTC_GetCharacteristic(UINT16 conn_id, UINT16 handle) +const tBTA_GATTC_CHARACTERISTIC* BTA_GATTC_GetCharacteristic(UINT16 conn_id, UINT16 handle) { return bta_gattc_get_characteristic(conn_id, handle); } 
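Review bot: In bta_gattc_open the new guard covers `p_clcb` and `p_data`, but the retained call `gatt_find_specific_app_in_hold_link(p_tcb, p_clcb->p_rcb->client_if)` still dereferences `p_clcb->p_rcb` unchecked. If `p_rcb` can be unset on a control block (not visible in this hunk), tighten the condition to `if (p_tcb && p_clcb->p_rcb) {`. The early `return` also drops the open request without any trace, so a line such as `APPL_TRACE_ERROR("%s invalid clcb or data", __FUNCTION__);` before it would make the dropped request diagnosable. The function body continues outside the hunk.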
@@ -759,7 +759,7 @@ void BTA_GATTC_PrepareWriteCharDescr (UINT16 conn_id, UINT16 handle, tBTA_GATT_AUTH_REQ auth_req) { tBTA_GATTC_API_WRITE *p_buf; - UINT16 len = sizeof(tBTA_GATTC_API_WRITE) + p_data->len; + UINT16 len = sizeof(tBTA_GATTC_API_WRITE); if (p_data != NULL) { len += p_data->len; @@ -998,7 +998,7 @@ void BTA_GATTC_CacheAssoc(tBTA_GATTC_IF client_if, BD_ADDR src_addr, BD_ADDR ass memcpy(p_buf->assoc_addr, assoc_addr, sizeof(BD_ADDR)); bta_sys_sendmsg(p_buf); - + } return; } diff --git a/components/bt/bluedroid/btc/core/btc_dm.c b/components/bt/bluedroid/btc/core/btc_dm.c index 6972380094..5a0ee6c5a8 100644 --- a/components/bt/bluedroid/btc/core/btc_dm.c +++ b/components/bt/bluedroid/btc/core/btc_dm.c @@ -391,6 +391,7 @@ static void btc_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl) break; default: status = BT_STATUS_FAIL; + break; } } #if (BTC_GAP_BT_INCLUDED == TRUE) diff --git a/components/bt/bluedroid/btc/profile/std/gatt/btc_gattc.c b/components/bt/bluedroid/btc/profile/std/gatt/btc_gattc.c index 5fd852ccb3..efeaea77eb 100644 --- a/components/bt/bluedroid/btc/profile/std/gatt/btc_gattc.c +++ b/components/bt/bluedroid/btc/profile/std/gatt/btc_gattc.c @@ -121,14 +121,14 @@ static void btc_gattc_copy_req_data(btc_msg_t *msg, void *p_dest, void *p_src) tBTA_GATTC *p_dest_data = (tBTA_GATTC *) p_dest; tBTA_GATTC *p_src_data = (tBTA_GATTC *) p_src; - if (!p_src_data || !p_dest_data) { + if (!p_src_data || !p_dest_data || !msg) { return; } // Allocate buffer for request data if necessary switch (msg->act) { case BTA_GATTC_READ_DESCR_EVT: - case BTA_GATTC_READ_CHAR_EVT: + case BTA_GATTC_READ_CHAR_EVT: case BTA_GATTC_READ_MULTIPLE_EVT: { if (p_src_data->read.p_value && p_src_data->read.p_value->p_value) { p_dest_data->read.p_value = (tBTA_GATT_UNFMT *)osi_malloc(sizeof(tBTA_GATT_UNFMT) + p_src_data->read.p_value->len); 
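Review bot: In BTA_GATTC_PrepareWriteCharDescr, `len` is a `UINT16`, so `len += p_data->len` can wrap when the value length is close to 0xFFFF; the NULL fix does not address that. If `len` later sizes the message buffer while `p_data->len` bytes are copied into it (that code is outside the hunk), a wrapped total would give an undersized allocation. Reject oversized values before the addition, for example `if (p_data != NULL && p_data->len > 0xFFFF - sizeof(tBTA_GATTC_API_WRITE)) { return; }`, or compute the total in a wider type and range-check it before narrowing.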
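Review bot: The `!msg` test added to btc_gattc_copy_req_data has no counterpart in btc_gattc_free_req_data, whose context in the following hunk still opens with `tBTA_GATTC *arg = (tBTA_GATTC *)(msg->arg);` and then switches on `msg->act`. If a NULL `msg` is considered possible for the copy path, it is presumably possible for the free path too. There the guard has to come before the initialiser: declare `arg` without a value, add `if (!msg || !msg->arg) { return; }`, then assign `arg`. If callers guarantee a non-NULL `msg`, a one-line comment saying so on both functions would be the consistent alternative.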
@@ -164,7 +164,7 @@ static void btc_gattc_free_req_data(btc_msg_t *msg) tBTA_GATTC *arg = (tBTA_GATTC *)(msg->arg); switch (msg->act) { case BTA_GATTC_READ_DESCR_EVT: - case BTA_GATTC_READ_CHAR_EVT: + case BTA_GATTC_READ_CHAR_EVT: case BTA_GATTC_READ_MULTIPLE_EVT: { if (arg->read.p_value) { osi_free(arg->read.p_value); diff --git a/components/bt/bluedroid/hci/hci_hal_h4.c b/components/bt/bluedroid/hci/hci_hal_h4.c index 819a9a7551..3191658ca8 100644 --- a/components/bt/bluedroid/hci/hci_hal_h4.c +++ b/components/bt/bluedroid/hci/hci_hal_h4.c @@ -249,11 +249,12 @@ static void hci_hal_h4_hdl_rx_packet(BT_HDR *packet) { uint8_t type, hdr_size; uint16_t length; - uint8_t *stream = packet->data + packet->offset; + uint8_t *stream = NULL; if (!packet) { return; } + stream = packet->data + packet->offset; #if (C2H_FLOW_CONTROL_INCLUDED == TRUE) hci_packet_complete(packet); diff --git a/components/bt/bluedroid/stack/btm/btm_ble.c b/components/bt/bluedroid/stack/btm/btm_ble.c index 356c02bd15..355e66d950 100644 --- a/components/bt/bluedroid/stack/btm/btm_ble.c +++ b/components/bt/bluedroid/stack/btm/btm_ble.c @@ -827,6 +827,7 @@ BOOLEAN BTM_UseLeLink (BD_ADDR bd_addr) tBTM_STATUS BTM_SetBleDataLength(BD_ADDR bd_addr, UINT16 tx_pdu_length) { tACL_CONN *p_acl = btm_bda_to_acl(bd_addr, BT_TRANSPORT_LE); + BTM_TRACE_DEBUG("%s: tx_pdu_length =%d", __FUNCTION__, tx_pdu_length); if (!controller_get_interface()->supports_ble_packet_extension()) { 
@@ -834,12 +835,12 @@ tBTM_STATUS BTM_SetBleDataLength(BD_ADDR bd_addr, UINT16 tx_pdu_length) return BTM_CONTROL_LE_DATA_LEN_UNSUPPORTED; } - if (!HCI_LE_DATA_LEN_EXT_SUPPORTED(p_acl->peer_le_features)) { - BTM_TRACE_ERROR("%s failed, peer does not support request", __FUNCTION__); - return BTM_PEER_LE_DATA_LEN_UNSUPPORTED; - } - if (p_acl != NULL) { + if (!HCI_LE_DATA_LEN_EXT_SUPPORTED(p_acl->peer_le_features)) { + BTM_TRACE_ERROR("%s failed, peer does not support request", __FUNCTION__); + return BTM_PEER_LE_DATA_LEN_UNSUPPORTED; + } + if (tx_pdu_length > BTM_BLE_DATA_SIZE_MAX) { tx_pdu_length = BTM_BLE_DATA_SIZE_MAX; } else if (tx_pdu_length < BTM_BLE_DATA_SIZE_MIN) { diff --git a/components/bt/bluedroid/stack/btm/btm_ble_gap.c b/components/bt/bluedroid/stack/btm/btm_ble_gap.c index 4ee2f935a6..8568c4d9cd 100644 --- a/components/bt/bluedroid/stack/btm/btm_ble_gap.c +++ b/components/bt/bluedroid/stack/btm/btm_ble_gap.c @@ -1388,6 +1388,8 @@ tBTM_STATUS BTM_BleSetAdvParamsAll(UINT16 adv_int_min, UINT16 adv_int_max, UINT8 if (p_dir_bda) { memcpy(&p_cb->direct_bda, p_dir_bda, sizeof(tBLE_BD_ADDR)); + } else { + return BTM_ILLEGAL_VALUE; } BTM_TRACE_EVENT ("update params for an active adv\n"); @@ -1714,8 +1716,10 @@ tBTM_STATUS BTM_UpdateBleDuplicateExceptionalList(uint8_t subcode, uint32_t type tBTM_UPDATE_DUPLICATE_EXCEPTIONAL_LIST_CMPL_CBACK update_exceptional_list_cmp_cb) { tBTM_BLE_CB *ble_cb = &btm_cb.ble_ctr_cb; - ble_cb->update_exceptional_list_cmp_cb = update_exceptional_list_cmp_cb; tBTM_STATUS status = BTM_NO_RESOURCES; + + ble_cb->update_exceptional_list_cmp_cb = update_exceptional_list_cmp_cb; + if (!controller_get_interface()->supports_ble()) { return BTM_ILLEGAL_VALUE; } 
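Review bot: The new `else { return BTM_ILLEGAL_VALUE; }` in BTM_BleSetAdvParamsAll makes `p_dir_bda` mandatory, whereas the previous code treated it as optional and only skipped the `memcpy`. A direct address normally matters only for directed advertising, so callers that pass NULL for undirected advertising would now fail. Because the return sits just before the "update params for an active adv" trace, any state the function changed earlier (outside the hunk) would also be left half-applied. If NULL really is invalid, check it at the top of the function with `if (p_dir_bda == NULL) { return BTM_ILLEGAL_VALUE; }` before anything is modified, and state the requirement in the function header comment. Otherwise keep the copy conditional and reject NULL only when the advertising type is directed.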
@@ -1750,9 +1754,6 @@ tBTM_STATUS BTM_UpdateBleDuplicateExceptionalList(uint8_t subcode, uint32_t type //do nothing break; } - if(status == BTM_ILLEGAL_VALUE) { - return status; - } status = BTM_VendorSpecificCommand(HCI_VENDOR_BLE_UPDATE_DUPLICATE_EXCEPTIONAL_LIST, 1 + 4 + BD_ADDR_LEN, device_info_array, NULL); if(status == BTM_CMD_STARTED) { diff --git a/components/bt/bluedroid/stack/btm/btm_sec.c b/components/bt/bluedroid/stack/btm/btm_sec.c index fad74e1e10..637e2b3852 100644 --- a/components/bt/bluedroid/stack/btm/btm_sec.c +++ b/components/bt/bluedroid/stack/btm/btm_sec.c @@ -1507,8 +1507,8 @@ void BTM_ConfirmReqReply(tBTM_STATUS res, BD_ADDR bd_addr) if (res == BTM_SUCCESS) { if ((p_dev_rec = btm_find_dev (bd_addr)) != NULL) { p_dev_rec->sec_flags |= BTM_SEC_LINK_KEY_AUTHED; + p_dev_rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED; } - p_dev_rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED; } btsnd_hcic_user_conf_reply (bd_addr, TRUE); diff --git a/components/bt/bluedroid/stack/gatt/gatt_api.c b/components/bt/bluedroid/stack/gatt/gatt_api.c index 1cb0ee1157..00031dccb4 100644 --- a/components/bt/bluedroid/stack/gatt/gatt_api.c +++ b/components/bt/bluedroid/stack/gatt/gatt_api.c @@ -814,15 +814,16 @@ tGATT_STATUS GATTC_ConfigureMTU (UINT16 conn_id) GATT_TRACE_API ("GATTC_ConfigureMTU conn_id=%d mtu=%d", conn_id, mtu ); + if ((p_tcb == NULL) || (p_reg == NULL) || (mtu < GATT_DEF_BLE_MTU_SIZE) || (mtu > GATT_MAX_MTU_SIZE)) { + return GATT_ILLEGAL_PARAMETER; + } + + /* Validate that the link is BLE, not BR/EDR */ if (p_tcb->transport != BT_TRANSPORT_LE) { return GATT_ERROR; } - if ( (p_tcb == NULL) || (p_reg == NULL) || (mtu < GATT_DEF_BLE_MTU_SIZE) || (mtu > GATT_MAX_MTU_SIZE)) { - return GATT_ILLEGAL_PARAMETER; - } - if (gatt_is_clcb_allocated(conn_id)) { GATT_TRACE_ERROR("GATTC_ConfigureMTU GATT_BUSY conn_id = %d", conn_id); return GATT_BUSY; 
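Review bot: When `btm_find_dev (bd_addr)` returns NULL in BTM_ConfirmReqReply, the code now skips both flag updates but still reaches the visible `btsnd_hcic_user_conf_reply (bd_addr, TRUE)`. A positive confirmation therefore goes out for a peer with no security record, and nothing is logged. Add an `else` branch with a trace such as `BTM_TRACE_WARNING("%s no device record for peer", __FUNCTION__);` so the case shows up in logs; whether the reply should be sent at all in that case is a design question the hunk does not answer. The two consecutive `|=` statements can also be merged into `p_dev_rec->sec_flags |= (BTM_SEC_LINK_KEY_AUTHED | BTM_SEC_16_DIGIT_PIN_AUTHED);`. The function starts and ends outside the hunk.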
diff --git a/components/bt/bluedroid/stack/gatt/gatt_auth.c b/components/bt/bluedroid/stack/gatt/gatt_auth.c index e233ea0cad..f1e4075467 100644 --- a/components/bt/bluedroid/stack/gatt/gatt_auth.c +++ b/components/bt/bluedroid/stack/gatt/gatt_auth.c @@ -140,19 +140,20 @@ void gatt_verify_signature(tGATT_TCB *p_tcb, BT_HDR *p_buf) *******************************************************************************/ void gatt_sec_check_complete(BOOLEAN sec_check_ok, tGATT_CLCB *p_clcb, UINT8 sec_act) { - if (p_clcb && p_clcb->p_tcb && - fixed_queue_is_empty(p_clcb->p_tcb->pending_enc_clcb)) { - gatt_set_sec_act(p_clcb->p_tcb, GATT_SEC_NONE); - } + if (p_clcb && p_clcb->p_tcb) { + if (fixed_queue_is_empty(p_clcb->p_tcb->pending_enc_clcb)) { + gatt_set_sec_act(p_clcb->p_tcb, GATT_SEC_NONE); + } #if (GATTC_INCLUDED == TRUE) - if (!sec_check_ok) { - gatt_end_operation(p_clcb, GATT_AUTH_FAIL, NULL); - } else if (p_clcb->operation == GATTC_OPTYPE_WRITE) { - gatt_act_write(p_clcb, sec_act); - } else if (p_clcb->operation == GATTC_OPTYPE_READ) { - gatt_act_read(p_clcb, p_clcb->counter); - } + if (!sec_check_ok) { + gatt_end_operation(p_clcb, GATT_AUTH_FAIL, NULL); + } else if (p_clcb->operation == GATTC_OPTYPE_WRITE) { + gatt_act_write(p_clcb, sec_act); + } else if (p_clcb->operation == GATTC_OPTYPE_READ) { + gatt_act_read(p_clcb, p_clcb->counter); + } #endif ///GATTC_INCLUDED == TRUE + } } /******************************************************************************* ** diff --git a/components/bt/bluedroid/stack/include/stack/l2cdefs.h b/components/bt/bluedroid/stack/include/stack/l2cdefs.h index 56ddfb0df1..61a68f102e 100644 --- a/components/bt/bluedroid/stack/include/stack/l2cdefs.h +++ b/components/bt/bluedroid/stack/include/stack/l2cdefs.h 
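Review bot: Wrapping the whole body of gatt_sec_check_complete in `if (p_clcb && p_clcb->p_tcb)` means a non-NULL `p_clcb` whose `p_tcb` is NULL now returns without calling `gatt_end_operation`. A pending client operation in that state would neither complete nor report `GATT_AUTH_FAIL`; before this change it still reached the GATTC branch. If `gatt_end_operation` tolerates a missing TCB (not visible here), keep the failure path reachable for it. At minimum add an `else` with `GATT_TRACE_ERROR("%s invalid clcb", __FUNCTION__);` so the dropped completion is traceable.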
@@ -257,11 +257,6 @@ #define L2CAP_EXTFEA_EXT_WINDOW 0x00000100 /* Extended Window Size */ #define L2CAP_EXTFEA_UCD_RECEPTION 0x00000200 /* Unicast Connectionless Data Reception */ -/* Mask for locally supported features used in Information Response (default to none) */ -#ifndef L2CAP_EXTFEA_SUPPORTED_MASK -#define L2CAP_EXTFEA_SUPPORTED_MASK 0 -#endif - /* Mask for LE supported features used in Information Response (default to none) */ #ifndef L2CAP_BLE_EXTFEA_MASK #define L2CAP_BLE_EXTFEA_MASK 0 diff --git a/components/bt/bluedroid/stack/l2cap/l2c_api.c b/components/bt/bluedroid/stack/l2cap/l2c_api.c index fc14de4c02..9bcf2d4d6c 100644 --- a/components/bt/bluedroid/stack/l2cap/l2c_api.c +++ b/components/bt/bluedroid/stack/l2cap/l2c_api.c @@ -1720,13 +1720,9 @@ BOOLEAN L2CA_ConnectFixedChnl (UINT16 fixed_cid, BD_ADDR rem_bda, tBLE_ADDR_TYPE return TRUE; } -#if BLE_INCLUDED == TRUE (*l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedConn_Cb) - (fixed_cid, p_lcb->remote_bd_addr, TRUE, 0, p_lcb->transport); -#else - (*l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedConn_Cb) - (fixed_cid, p_lcb->remote_bd_addr, TRUE, 0, BT_TRANSPORT_BR_EDR); -#endif + (fixed_cid, p_lcb->remote_bd_addr, TRUE, 0, transport); + return TRUE; } diff --git a/components/bt/bluedroid/stack/l2cap/l2c_main.c b/components/bt/bluedroid/stack/l2cap/l2c_main.c index 2f80342867..fd0330a07e 100644 --- a/components/bt/bluedroid/stack/l2cap/l2c_main.c +++ b/components/bt/bluedroid/stack/l2cap/l2c_main.c @@ -937,8 +937,8 @@ void l2c_process_timeout (TIMER_LIST_ENT *p_tle) if (p_lcb){ p_lcb->conn_update_mask &= ~L2C_BLE_UPDATE_PENDING; p_lcb->conn_update_mask &= ~L2C_BLE_UPDATE_PARAM_FULL; + l2c_send_update_conn_params_cb(p_lcb, status); } - l2c_send_update_conn_params_cb(p_lcb, status); break; } }
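Review bot: The fixed-channel callback in L2CA_ConnectFixedChnl now reports the local `transport` instead of `p_lcb->transport`, and the hunk does not show that the two always agree. It also does not show that `transport` is declared when BLE_INCLUDED is not TRUE, since the declaration is outside the hunk. `p_lcb->remote_bd_addr` is still read in the same call, so the change does not remove a dereference of `p_lcb`. If `transport` is the value `p_lcb` was looked up with, say so above the call with a comment such as `/* transport is the value p_lcb was looked up with */`; otherwise keep `p_lcb->transport` so the callback reflects the actual link.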