From 2a90241d7d652948c08e6aae605c9adabb750d1a Mon Sep 17 00:00:00 2001 From: Jin Cheng Date: Wed, 15 Nov 2023 11:03:05 +0800 Subject: [PATCH] fix(bt/bluedroid): Added some argument check in APIs of HFP AG --- components/bt/host/bluedroid/api/esp_hf_ag_api.c | 12 +++++++++++- .../host/bluedroid/api/include/api/esp_hf_ag_api.h | 4 ++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/components/bt/host/bluedroid/api/esp_hf_ag_api.c b/components/bt/host/bluedroid/api/esp_hf_ag_api.c index bd0c6a7916..f0db37d0eb 100644 --- a/components/bt/host/bluedroid/api/esp_hf_ag_api.c +++ b/components/bt/host/bluedroid/api/esp_hf_ag_api.c @@ -179,6 +179,9 @@ esp_err_t esp_bt_hf_volume_control(esp_bd_addr_t remote_addr, esp_hf_volume_cont if (esp_bluedroid_get_status() != ESP_BLUEDROID_STATUS_ENABLED) { return ESP_ERR_INVALID_STATE; } + if (volume < 0 || volume > 15) { + return ESP_ERR_INVALID_ARG; + } btc_msg_t msg; msg.sig = BTC_SIG_API_CALL; msg.pid = BTC_PID_HF; @@ -245,6 +248,9 @@ esp_err_t esp_bt_hf_indchange_notification(esp_bd_addr_t remote_addr, if (esp_bluedroid_get_status() != ESP_BLUEDROID_STATUS_ENABLED) { return ESP_ERR_INVALID_STATE; } + if (signal < 0 || signal > 5) { + return ESP_ERR_INVALID_ARG; + } btc_msg_t msg; msg.sig = BTC_SIG_API_CALL; msg.pid = BTC_PID_HF; @@ -272,6 +278,10 @@ esp_err_t esp_bt_hf_cind_response(esp_bd_addr_t remote_addr, if (esp_bluedroid_get_status() != ESP_BLUEDROID_STATUS_ENABLED) { return ESP_ERR_INVALID_STATE; } + if (signal < 0 || signal > 5 || batt_lev < 0 || batt_lev > 5) { + return ESP_ERR_INVALID_ARG; + } + btc_msg_t msg; msg.sig = BTC_SIG_API_CALL; msg.pid = BTC_PID_HF; @@ -350,7 +360,7 @@ esp_err_t esp_bt_hf_cnum_response(esp_bd_addr_t remote_addr, char *number, int n if (esp_bluedroid_get_status() != ESP_BLUEDROID_STATUS_ENABLED) { return ESP_ERR_INVALID_STATE; } - if (number == NULL) { + if (number == NULL || number_type < 128 || number_type > 175) { return ESP_ERR_INVALID_ARG; } btc_msg_t msg; diff --git a/components/bt/host/bluedroid/api/include/api/esp_hf_ag_api.h b/components/bt/host/bluedroid/api/include/api/esp_hf_ag_api.h index c5b4a1f83c..2b83cc99d0 100644 --- a/components/bt/host/bluedroid/api/include/api/esp_hf_ag_api.h +++ b/components/bt/host/bluedroid/api/include/api/esp_hf_ag_api.h @@ -401,6 +401,7 @@ esp_err_t esp_bt_hf_vra(esp_bd_addr_t remote_bda, esp_hf_vr_state_t value); * @return * - ESP_OK: disconnect request is sent to lower layer * - ESP_INVALID_STATE: if bluetooth stack is not yet enabled + * - ESP_ERR_INVALID_ARG: if arguments are invalid * - ESP_FAIL: others * */ @@ -452,6 +453,7 @@ esp_err_t esp_bt_hf_cmee_response(esp_bd_addr_t remote_bda, esp_hf_at_response_c * @return * - ESP_OK: disconnect request is sent to lower layer * - ESP_INVALID_STATE: if bluetooth stack is not yet enabled + * - ESP_ERR_INVALID_ARG: if arguments are invalid * - ESP_FAIL: others * */ @@ -475,6 +477,7 @@ esp_err_t esp_bt_hf_indchange_notification(esp_bd_addr_t remote_addr, esp_hf_cal * @return * - ESP_OK: disconnect request is sent to lower layer * - ESP_INVALID_STATE: if bluetooth stack is not yet enabled + * - ESP_ERR_INVALID_ARG: if the arguments are invalid * - ESP_FAIL: others * */ @@ -552,6 +555,7 @@ esp_err_t esp_bt_hf_cnum_response(esp_bd_addr_t remote_addr, char *number, int n * @return * - ESP_OK: disconnect request is sent to lower layer * - ESP_INVALID_STATE: if bluetooth stack is not yet enabled + * - ESP_ERR_INVALID_ARG: if arguments are invalid * - ESP_FAIL: others * */