| hci.c (9ce6dfa1632aacf8ab7d5458388a492245ad330b) | hci.c (43ce0351828e368713693d4c8e52ec0ac2d84fb8) |
|---|---|
| 1/* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright --- 1480 unchanged lines hidden (view full) --- 1489void le_handle_extended_advertisement_report(uint8_t *packet, uint16_t size) { 1490 uint16_t offset = 3; 1491 uint8_t num_reports = packet[offset++]; 1492 uint8_t event[2 + 255]; // use upper bound to avoid var size automatic var 1493 uint8_t i; 1494 for (i=0; (i<num_reports) && (offset < size);i++){ 1495 // sanity checks on data_length: 1496 uint16_t data_length = packet[offset + 23]; | 1/* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright --- 1480 unchanged lines hidden (view full) --- 1489void le_handle_extended_advertisement_report(uint8_t *packet, uint16_t size) { 1490 uint16_t offset = 3; 1491 uint8_t num_reports = packet[offset++]; 1492 uint8_t event[2 + 255]; // use upper bound to avoid var size automatic var 1493 uint8_t i; 1494 for (i=0; (i<num_reports) && (offset < size);i++){ 1495 // sanity checks on data_length: 1496 uint16_t data_length = packet[offset + 23]; |
| 1497 if (data_length > LE_ADVERTISING_DATA_SIZE) return; | 1497 if (data_length > LE_EXTENDED_ADVERTISING_DATA_SIZE) return; |
| 1498 if ((offset + 24u + data_length) > size) return; 1499 uint16_t event_type = little_endian_read_16(packet, offset); 1500 offset += 2; 1501 if ((event_type & 0x10) != 0) { 1502 // setup legacy event 1503 uint8_t legacy_event_type; 1504 switch (event_type){ 1505 case 0b0010011: --- 8564 unchanged lines hidden --- | 1498 if ((offset + 24u + data_length) > size) return; 1499 uint16_t event_type = little_endian_read_16(packet, offset); 1500 offset += 2; 1501 if ((event_type & 0x10) != 0) { 1502 // setup legacy event 1503 uint8_t legacy_event_type; 1504 switch (event_type){ 1505 case 0b0010011: --- 8564 unchanged lines hidden --- |