| Revision | ea3f41f36c161c6f7a847af38757a0fea11685a2 (tree) |
|---|---|
| Zeit | 2020-05-06 11:05:54 |
| Autor | Chih-Wei Huang <cwhuang@linu...> |
| Commiter | Chih-Wei Huang |
Merge tag 'android-9.0.0_r56' into pie-x86
Android 9.0.0 release 56
service/gatt_server.cc (diff) stack/a2dp/a2dp_aac_decoder.cc (diff) stack/smp/smp_cmac.cc (diff)| @@ -18,6 +18,7 @@ | ||
| 18 | 18 | |
| 19 | 19 | #include <base/logging.h> |
| 20 | 20 | |
| 21 | +#include "osi/include/log.h" | |
| 21 | 22 | #include "service/logging_helpers.h" |
| 22 | 23 | #include "stack/include/bt_types.h" |
| 23 | 24 |
| @@ -116,6 +117,12 @@ bool GattServer::SendResponse(const std::string& device_address, int request_id, | ||
| 116 | 117 | return false; |
| 117 | 118 | } |
| 118 | 119 | |
| 120 | + if (offset < 0) { | |
| 121 | + android_errorWriteLog(0x534e4554, "143231677"); | |
| 122 | + LOG(ERROR) << "Offset is less than 0 offset: " << offset; | |
| 123 | + return false; | |
| 124 | + } | |
| 125 | + | |
| 119 | 126 | if (value.size() + offset > BTGATT_MAX_ATTR_LEN) { |
| 120 | 127 | LOG(ERROR) << "Value is too large"; |
| 121 | 128 | return false; |
| @@ -30,7 +30,7 @@ | ||
| 30 | 30 | typedef struct { |
| 31 | 31 | HANDLE_AACDECODER aac_handle; |
| 32 | 32 | bool has_aac_handle; // True if aac_handle is valid |
| 33 | - INT_PCM* decode_buf; | |
| 33 | + INT_PCM* decode_buf = nullptr; | |
| 34 | 34 | decoded_data_callback_t decode_callback; |
| 35 | 35 | } tA2DP_AAC_DECODER_CB; |
| 36 | 36 |
| @@ -58,7 +58,7 @@ bool a2dp_aac_decoder_init(decoded_data_callback_t decode_callback) { | ||
| 58 | 58 | void a2dp_aac_decoder_cleanup(void) { |
| 59 | 59 | if (a2dp_aac_decoder_cb.has_aac_handle) |
| 60 | 60 | aacDecoder_Close(a2dp_aac_decoder_cb.aac_handle); |
| 61 | - free(a2dp_aac_decoder_cb.decode_buf); | |
| 61 | + osi_free(a2dp_aac_decoder_cb.decode_buf); | |
| 62 | 62 | memset(&a2dp_aac_decoder_cb, 0, sizeof(a2dp_aac_decoder_cb)); |
| 63 | 63 | } |
| 64 | 64 |
| @@ -278,7 +278,8 @@ static bool cmac_generate_subkey(BT_OCTET16 key) { | ||
| 278 | 278 | ******************************************************************************/ |
| 279 | 279 | bool aes_cipher_msg_auth_code(BT_OCTET16 key, uint8_t* input, uint16_t length, |
| 280 | 280 | uint16_t tlen, uint8_t* p_signature) { |
| 281 | - uint16_t len, diff; | |
| 281 | + uint32_t len; | |
| 282 | + uint16_t diff; | |
| 282 | 283 | uint16_t n = (length + BT_OCTET16_LEN - 1) / |
| 283 | 284 | BT_OCTET16_LEN; /* n is number of rounds */ |
| 284 | 285 | bool ret = false; |
Android-x86
Fork