From e9dc0115fc3bff52d59acaddfe599837722fa5c8 Mon Sep 17 00:00:00 2001
From: island <island@espressif.com>
Date: Fri, 12 May 2017 14:30:33 +0800
Subject: [PATCH] component/bt: Add parameter check for attp_build_sr_msg
 function

---
 .../bt/bluedroid/stack/gatt/att_protocol.c     | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/components/bt/bluedroid/stack/gatt/att_protocol.c b/components/bt/bluedroid/stack/gatt/att_protocol.c
index 62bb12019c..28e4a25516 100644
--- a/components/bt/bluedroid/stack/gatt/att_protocol.c
+++ b/components/bt/bluedroid/stack/gatt/att_protocol.c
@@ -378,10 +378,26 @@ BT_HDR *attp_build_sr_msg(tGATT_TCB *p_tcb, UINT8 op_code, tGATT_SR_MSG *p_msg)
     switch (op_code) {
     case GATT_RSP_READ_BLOB:
     case GATT_RSP_PREPARE_WRITE:
+    case GATT_RSP_READ_BY_TYPE:
+    case GATT_RSP_READ:
+    case GATT_HANDLE_VALUE_NOTIF:
+    case GATT_HANDLE_VALUE_IND:
+    case GATT_RSP_ERROR:
+    case GATT_RSP_MTU:
+    /* Need to check the validation of parameter p_msg*/
         if (p_msg == NULL) {
-            GATT_TRACE_ERROR("Invalid prepare write response or read blob response, the rsp_msg can't be NULL.");
+            GATT_TRACE_ERROR("Invalid parameters in %s, op_code=0x%x, the p_msg should not be NULL.", __func__, op_code);
             return NULL;
         }
+        break;
+
+    default:
+        break;
+    }
+
+    switch (op_code) {
+    case GATT_RSP_READ_BLOB:
+    case GATT_RSP_PREPARE_WRITE:
         GATT_TRACE_EVENT ("ATT_RSP_READ_BLOB/GATT_RSP_PREPARE_WRITE: len = %d offset = %d",
                           p_msg->attr_value.len, p_msg->attr_value.offset);
         offset = p_msg->attr_value.offset;