patrick/zephyr
1
0
Fork 0
Code Issues Pull requests Actions 7 Packages Projects Releases Wiki Activity

Bluetooth: Controller: Fix parsing empty ADV_EXT_IND and ADV_SYNC_IND

Browse source 
Fix implementation to check for empty ADV_EXT_IND and
ADV_SYNC_IND PDUs, and not parse them incorrectly.

Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This commit is contained in:
Vinayak Kariappa Chettimada 2021-12-10 06:34:55 +05:30 committed by Carles Cufí
parent b374dc6a7f
commit 3f37210cd6
2 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
subsys/bluetooth/controller/ll_sw/nordic/lll/lll_scan_aux.c
View file

@ -135,6 +135,11 @@ uint8_t lll_scan_aux_setup(struct pdu_adv *pdu, uint8_t pdu_phy,
/* Get reference to extended header */
pri_com_hdr = (void *)&pdu->adv_ext_ind;
if (!pdu->len || !pri_com_hdr->ext_hdr_len) {
return 0U;
}
/* Get reference to flags and contents */
pri_hdr = (void *)pri_com_hdr->ext_hdr_adv_data;
pri_dptr = pri_hdr->data;

9
subsys/bluetooth/controller/ll_sw/ull_scan_aux.c
View file

@ -279,8 +279,13 @@ void ull_scan_aux_setup(memq_link_t *link, struct node_rx_hdr *rx)
pdu = (void *)((struct node_rx_pdu *)rx)->pdu;
p = (void *)&pdu->adv_ext_ind;
if (!p->ext_hdr_len) {
data_len = pdu->len - PDU_AC_EXT_HEADER_SIZE_MIN;
if (!pdu->len || !p->ext_hdr_len) {
if (pdu->len) {
data_len = pdu->len - PDU_AC_EXT_HEADER_SIZE_MIN;
} else {
data_len = 0U;
}
if (sync_lll) {
struct ll_sync_set *sync;