From 4b408171589d273286f24ab74aaa60ad083432e0 Mon Sep 17 00:00:00 2001
From: zhanghaipeng
Date: Wed, 28 Feb 2024 19:13:55 +0800
Subject: [PATCH 1/2] fix(ble/bluedroid): Fixed BLE crash when repeatedly initialize and deinitialize host
---
 components/bt/host/bluedroid/bta/dm/bta_dm_act.c | 5 +++++
 components/bt/host/bluedroid/bta/dm/bta_dm_api.c | 1 -
 components/bt/host/bluedroid/stack/btm/btm_ble_multi_adv.c | 7 +++++++
 3 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/components/bt/host/bluedroid/bta/dm/bta_dm_act.c b/components/bt/host/bluedroid/bta/dm/bta_dm_act.c
index 0af3cc602d..c5530b5ec3 100644
--- a/components/bt/host/bluedroid/bta/dm/bta_dm_act.c
+++ b/components/bt/host/bluedroid/bta/dm/bta_dm_act.c
@@ -612,6 +612,11 @@ void bta_dm_disable (tBTA_DM_MSG *p_data)
 btm_ble_resolving_list_cleanup (); //by TH, because cmn_ble_vsc_cb.max_filter has something mistake as btm_ble_adv_filter_cleanup
 #endif
+#if BLE_INCLUDED == TRUE
+ // btm_ble_multi_adv_init is called when the host is enabled, so btm_ble_multi_adv_cleanup is called when the host is disabled.
+ btm_ble_multi_adv_cleanup();
+#endif
+
 }
 /*******************************************************************************
diff --git a/components/bt/host/bluedroid/bta/dm/bta_dm_api.c b/components/bt/host/bluedroid/bta/dm/bta_dm_api.c
index 3264fcccf5..ef8e4f56eb 100644
--- a/components/bt/host/bluedroid/bta/dm/bta_dm_api.c
+++ b/components/bt/host/bluedroid/bta/dm/bta_dm_api.c
@@ -2770,7 +2770,6 @@ void BTA_VendorCleanup (void)
 }
 #endif
- btm_ble_multi_adv_cleanup();
 }
 #if (BLE_50_FEATURE_SUPPORT == TRUE)
 void BTA_DmBleGapReadPHY(BD_ADDR addr)
diff --git a/components/bt/host/bluedroid/stack/btm/btm_ble_multi_adv.c b/components/bt/host/bluedroid/stack/btm/btm_ble_multi_adv.c
index 443dd64edf..bc300b0235 100644
--- a/components/bt/host/bluedroid/stack/btm/btm_ble_multi_adv.c
+++ b/components/bt/host/bluedroid/stack/btm/btm_ble_multi_adv.c
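Review bot: Freeing the multi-advertising state from `bta_dm_disable` (bta_dm_act.c) is only safe if nothing later in the host shutdown path still reads `btm_multi_adv_cb`. The rest of the disable sequence is outside this hunk, so it is worth confirming that no pending timer or controller event handler can run after this call and dereference the released block. The new comment could state that contract instead of only the pairing, e.g. `// Pairs with btm_ble_multi_adv_init() at host enable; btm_multi_adv_cb must not be used after this point.` The call was previously made from `BTA_VendorCleanup` without a `BLE_INCLUDED` guard, so the new guard should be checked against the condition under which `btm_ble_multi_adv_init` is compiled and called.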
@@ -824,6 +824,13 @@ void btm_ble_multi_adv_init(void)
 *******************************************************************************/
 void btm_ble_multi_adv_cleanup(void)
 {
+#if BTM_DYNAMIC_MEMORY == TRUE
+ if (btm_multi_adv_cb_ptr == NULL)
+ {
+ BTM_TRACE_WARNING("%s memory has been freed", __func__);
+ return;
+ }
+#endif
 if (btm_multi_adv_cb.p_adv_inst) {
 osi_free(btm_multi_adv_cb.p_adv_inst);
 btm_multi_adv_cb.p_adv_inst = NULL;
From 7eebebff0cda8c0c10236b49088cf890d8628468 Mon Sep 17 00:00:00 2001
From: zhanghaipeng
Date: Wed, 6 Mar 2024 18:08:51 +0800
Subject: [PATCH 2/2] fix(ble/bluedroid): Fixed BLE BLE periodic advertising parameter check
---
 components/bt/host/bluedroid/stack/btm/btm_ble_5_gap.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/components/bt/host/bluedroid/stack/btm/btm_ble_5_gap.c b/components/bt/host/bluedroid/stack/btm/btm_ble_5_gap.c
index 9cec610150..51f7ded84c 100644
--- a/components/bt/host/bluedroid/stack/btm/btm_ble_5_gap.c
+++ b/components/bt/host/bluedroid/stack/btm/btm_ble_5_gap.c
@@ -794,8 +794,14 @@ tBTM_STATUS BTM_BlePeriodicAdvCreateSync(tBTM_BLE_Periodic_Sync_Params *params)
 }
 if ((params->sync_timeout < 0x0a || params->sync_timeout > 0x4000)
- || (params->filter_policy > 0x01) || (params->addr_type > 0x01) ||
- (params->sid > 0xf) || (params->skip > 0x01F3)) {
+ || (params->filter_policy > 0x01)
+ /*If the Periodic Advertiser List is not used,
+ the Advertising_SID, Advertiser Address_Type, and Advertiser Address
+ parameters specify the periodic advertising device to listen to; otherwise they
+ shall be ignored.*/
+ || (params->filter_policy == 0 && params->addr_type > 0x01)
+ || (params->filter_policy == 0 && params->sid > 0xf)
+ || (params->skip > 0x01F3)) {
 status = BTM_ILLEGAL_VALUE;
 BTM_TRACE_ERROR("%s, The sync parameters is invalid.", __func__);
 goto end;
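Review bot: The new early return in `btm_ble_multi_adv_cleanup` stops a second cleanup only if `btm_multi_adv_cb_ptr` is reset to NULL once it has been freed, and that part of the function is outside this hunk. If the tail frees the pointer without clearing it, a repeated deinit would pass this guard and free the block twice, so the free should be followed by `btm_multi_adv_cb_ptr = NULL;`. The warning text `memory has been freed` is also emitted when init never ran; a message such as `"%s control block not allocated"` would be less misleading in logs.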
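Review bot: With `filter_policy == 1`, `addr_type` and `sid` are no longer range-checked in `BTM_BlePeriodicAdvCreateSync`, yet they are presumably still copied into the HCI command built later in the function (outside this hunk). The controller is expected to ignore them, but it would be more defensive to zero them in that case before sending than to forward arbitrary caller values. The two new clauses can also be merged into `|| (params->filter_policy == 0 && (params->addr_type > 0x01 || params->sid > 0xf))`, with the spec comment moved above the `if` so the condition reads as one expression.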