espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-07-30 18:57:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(ble/bluedroid): Fix potential uint32_t overflow in BLE btu_start_timer

Browse Source 
(cherry picked from commit a9286567f0)

Co-authored-by: zhanghaipeng <zhanghaipeng@espressif.com>
This commit is contained in:
Zhang Hai Peng
2025-04-07 21:13:49 +08:00
committed by BLE BOT
parent ca79d255d1
commit 320f8bece2
9 changed files with 14 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
components/bt/host/bluedroid/api/include/api/esp_gap_ble_api.h
View File

@ -1857,7 +1857,8 @@ esp_err_t esp_ble_gap_set_scan_params(esp_ble_scan_params_t *scan_params);
/** /**
* @brief This procedure keep the device scanning the peer device which advertising on the air * @brief This procedure keep the device scanning the peer device which advertising on the air
* *
* @param[in] duration: Keeping the scanning time, the unit is second. * @param[in] duration: The scanning duration in seconds.
* Set to 0 for continuous scanning until explicitly stopped.
* *
* @return * @return
* - ESP_OK : success * - ESP_OK : success

2
components/bt/host/bluedroid/stack/btu/btu_task.c
View File

@ -453,7 +453,7 @@ void btu_start_timer(TIMER_LIST_ENT *p_tle, UINT16 type, UINT32 timeout_sec)
// NOTE: This value is in seconds but stored in a ticks field. // NOTE: This value is in seconds but stored in a ticks field.
p_tle->ticks = timeout_sec; p_tle->ticks = timeout_sec;
p_tle->in_use = TRUE; p_tle->in_use = TRUE;
osi_alarm_set(alarm, (period_ms_t)(timeout_sec * 1000)); osi_alarm_set(alarm, (period_ms_t)((period_ms_t)timeout_sec * 1000));
} }

1
examples/bluetooth/bluedroid/ble/ble_eddystone_receiver/main/esp_eddystone_demo.c
View File

@ -84,6 +84,7 @@ static void esp_gap_cb(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param_t* par
switch(event) switch(event)
{ {
case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: { case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: {
// the unit of the duration is second, 0 means scan permanently
uint32_t duration = 0; uint32_t duration = 0;
esp_ble_gap_start_scanning(duration); esp_ble_gap_start_scanning(duration);
break; break;

2
examples/bluetooth/bluedroid/ble/ble_ibeacon/main/ibeacon_demo.c
View File

@ -73,7 +73,7 @@ static void esp_gap_cb(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param_t *par
} }
case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: { case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: {
#if (IBEACON_MODE == IBEACON_RECEIVER) #if (IBEACON_MODE == IBEACON_RECEIVER)
//the unit of the duration is second, 0 means scan permanently // the unit of the duration is second, 0 means scan permanently
uint32_t duration = 0; uint32_t duration = 0;
esp_ble_gap_start_scanning(duration); esp_ble_gap_start_scanning(duration);
#endif #endif

7
examples/bluetooth/bluedroid/ble/ble_spp_client/main/spp_client_demo.c
View File

@ -1,5 +1,5 @@
/* /*
* SPDX-FileCopyrightText: 2021-2024 Espressif Systems (Shanghai) CO LTD * SPDX-FileCopyrightText: 2021-2025 Espressif Systems (Shanghai) CO LTD
* *
* SPDX-License-Identifier: Unlicense OR CC0-1.0 * SPDX-License-Identifier: Unlicense OR CC0-1.0
*/ */
@ -216,9 +216,8 @@ static void esp_gap_cb(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param_t *par
ESP_LOGE(GATTC_TAG, "Scan param set failed: %s", esp_err_to_name(err)); ESP_LOGE(GATTC_TAG, "Scan param set failed: %s", esp_err_to_name(err));
break; break;
} }
//the unit of the duration is second // the unit of the duration is second, 0 means scan permanently
uint32_t duration = 0xFFFF; uint32_t duration = 0;
ESP_LOGI(GATTC_TAG, "Enable Ble Scan:during time %04" PRIx32 " minutes.",duration);
esp_ble_gap_start_scanning(duration); esp_ble_gap_start_scanning(duration);
break; break;
} }

4
examples/bluetooth/bluedroid/ble/gatt_client/main/gattc_demo.c
View File

@ -325,7 +325,9 @@ static void esp_gap_cb(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param_t *par
uint8_t adv_name_len = 0; uint8_t adv_name_len = 0;
switch (event) { switch (event) {
case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: { case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: {
//the unit of the duration is second // The unit of duration is seconds.
// If duration is set to 0, scanning will continue indefinitely
// until esp_ble_gap_stop_scanning is explicitly called.
uint32_t duration = 30; uint32_t duration = 30;
esp_ble_gap_start_scanning(duration); esp_ble_gap_start_scanning(duration);
break; break;

2
examples/bluetooth/bluedroid/ble/gatt_security_client/main/example_ble_sec_gattc_demo.c
View File

@ -385,7 +385,7 @@ static void esp_gap_cb(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param_t *par
} }
break; break;
case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: { case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: {
//the unit of the duration is second // the unit of the duration is second, 0 means scan permanently
uint32_t duration = 30; uint32_t duration = 30;
esp_ble_gap_start_scanning(duration); esp_ble_gap_start_scanning(duration);
break; break;

2
examples/bluetooth/bluedroid/ble/gattc_multi_connect/main/gattc_multi_connect.c
View File

@ -775,7 +775,7 @@ static void esp_gap_cb(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param_t *par
param->update_conn_params.timeout); param->update_conn_params.timeout);
break; break;
case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: { case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: {
//the unit of the duration is second // the unit of the duration is second, 0 means scan permanently
uint32_t duration = 30; uint32_t duration = 30;
esp_ble_gap_start_scanning(duration); esp_ble_gap_start_scanning(duration);
break; break;

2
examples/bluetooth/bluedroid/coex/gattc_gatts_coex/main/gattc_gatts_coex.c
View File

@ -277,7 +277,7 @@ static void gap_event_handler(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param
break; break;
case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: { case ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT: {
ESP_LOGI(COEX_TAG, "ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT, set scan sparameters complete"); ESP_LOGI(COEX_TAG, "ESP_GAP_BLE_SCAN_PARAM_SET_COMPLETE_EVT, set scan sparameters complete");
//the unit of the duration is second // the unit of the duration is second, 0 means scan permanently
uint32_t duration = 120; uint32_t duration = 120;
esp_ble_gap_start_scanning(duration); esp_ble_gap_start_scanning(duration);
break; break;