espressif/esp-nimble
1
0
Fork 0
mirror of https://github.com/espressif/esp-nimble.git synced 2026-06-05 21:04:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

nimble/host: Validate advertising instance before parsing event

Browse Source 
Advertising instance is used for indexing slave state array. Since
instance is provided by host invalid handle in event means there is
bug in controller.
This commit is contained in:
Szymon Janc
2024-09-23 15:10:28 +02:00
committed by Rahul Tank
parent 46f1139a05
commit 5532be7621
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nimble/host/src/ble_hs_hci_evt.c
+14
View File
@@ -971,6 +971,13 @@ ble_hs_hci_evt_le_adv_set_terminated(uint8_t subevent, const void *data,
return BLE_HS_ECONTROLLER;
}
/* this indicates bug in controller as host uses instances from
* 0-BLE_ADV_INSTANCES range only
*/
if (ev->adv_handle >= BLE_ADV_INSTANCES) {
return BLE_HS_ECONTROLLER;
}
if (ev->status == 0) {
/* ignore return code as we need to terminate advertising set anyway */
ble_gap_rx_conn_complete(&pend_conn_complete, ev->adv_handle);
@@ -992,6 +999,13 @@ ble_hs_hci_evt_le_scan_req_rcvd(uint8_t subevent, const void *data,
return BLE_HS_ECONTROLLER;
}
/* this indicates bug in controller as host uses instances from
* 0-BLE_ADV_INSTANCES range only
*/
if (ev->adv_handle >= BLE_ADV_INSTANCES) {
return BLE_HS_ECONTROLLER;
}
ble_gap_rx_scan_req_rcvd(ev);
#endif