1 /******************************************************************************
3 * Copyright (C) 1999-2012 Broadcom Corporation
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 ******************************************************************************/
19 /******************************************************************************
21 * this file contains SDP discovery functions
23 ******************************************************************************/
29 #include "bt_common.h"
30 #include "bt_target.h"
41 #define SDP_DEBUG_RAW false
44 /******************************************************************************/
45 /* L O C A L F U N C T I O N P R O T O T Y P E S */
46 /******************************************************************************/
47 static void process_service_search_rsp(tCONN_CB* p_ccb, uint8_t* p_reply,
48 uint8_t* p_reply_end);
49 static void process_service_attr_rsp(tCONN_CB* p_ccb, uint8_t* p_reply,
50 uint8_t* p_reply_end);
51 static void process_service_search_attr_rsp(tCONN_CB* p_ccb, uint8_t* p_reply,
52 uint8_t* p_reply_end);
53 static uint8_t* save_attr_seq(tCONN_CB* p_ccb, uint8_t* p, uint8_t* p_msg_end);
54 static tSDP_DISC_REC* add_record(tSDP_DISCOVERY_DB* p_db,
55 const RawAddress& p_bda);
56 static uint8_t* add_attr(uint8_t* p, tSDP_DISCOVERY_DB* p_db,
57 tSDP_DISC_REC* p_rec, uint16_t attr_id,
58 tSDP_DISC_ATTR* p_parent_attr, uint8_t nest_level);
60 /* Safety check in case we go crazy */
61 #define MAX_NEST_LEVELS 5
63 /*******************************************************************************
65 * Function sdpu_build_uuid_seq
67 * Description This function builds a UUID sequence from the list of
68 * passed UUIDs. It is also passed the address of the output
71 * Returns Pointer to next byte in the output buffer.
73 ******************************************************************************/
74 static uint8_t* sdpu_build_uuid_seq(uint8_t* p_out, uint16_t num_uuids,
75 tSDP_UUID* p_uuid_list) {
79 /* First thing is the data element header */
80 UINT8_TO_BE_STREAM(p_out, (DATA_ELE_SEQ_DESC_TYPE << 3) | SIZE_IN_NEXT_BYTE);
82 /* Remember where the length goes. Leave space for it. */
86 /* Now, loop through and put in all the UUID(s) */
87 for (xx = 0; xx < num_uuids; xx++, p_uuid_list++) {
88 if (p_uuid_list->len == LEN_UUID_16) {
89 UINT8_TO_BE_STREAM(p_out, (UUID_DESC_TYPE << 3) | SIZE_TWO_BYTES);
90 UINT16_TO_BE_STREAM(p_out, p_uuid_list->uu.uuid16);
91 } else if (p_uuid_list->len == LEN_UUID_32) {
92 UINT8_TO_BE_STREAM(p_out, (UUID_DESC_TYPE << 3) | SIZE_FOUR_BYTES);
93 UINT32_TO_BE_STREAM(p_out, p_uuid_list->uu.uuid32);
94 } else if (p_uuid_list->len == LEN_UUID_128) {
95 UINT8_TO_BE_STREAM(p_out, (UUID_DESC_TYPE << 3) | SIZE_SIXTEEN_BYTES);
96 ARRAY_TO_BE_STREAM(p_out, p_uuid_list->uu.uuid128, p_uuid_list->len);
98 SDP_TRACE_ERROR("SDP: Passed UUID has invalid length %x",
103 /* Now, put in the length */
104 xx = (uint16_t)(p_out - p_len - 1);
105 UINT8_TO_BE_STREAM(p_len, xx);
110 /*******************************************************************************
112 * Function sdp_snd_service_search_req
114 * Description Send a service search request to the SDP server.
118 ******************************************************************************/
119 static void sdp_snd_service_search_req(tCONN_CB* p_ccb, uint8_t cont_len,
121 uint8_t *p, *p_start, *p_param_len;
122 BT_HDR* p_cmd = (BT_HDR*)osi_malloc(SDP_DATA_BUF_SIZE);
125 /* Prepare the buffer for sending the packet to L2CAP */
126 p_cmd->offset = L2CAP_MIN_OFFSET;
127 p = p_start = (uint8_t*)(p_cmd + 1) + L2CAP_MIN_OFFSET;
129 /* Build a service search request packet */
130 UINT8_TO_BE_STREAM(p, SDP_PDU_SERVICE_SEARCH_REQ);
131 UINT16_TO_BE_STREAM(p, p_ccb->transaction_id);
132 p_ccb->transaction_id++;
134 /* Skip the length, we need to add it at the end */
138 /* Build the UID sequence. */
139 #if (SDP_BROWSE_PLUS == TRUE)
140 p = sdpu_build_uuid_seq(p, 1,
141 &p_ccb->p_db->uuid_filters[p_ccb->cur_uuid_idx]);
143 p = sdpu_build_uuid_seq(p, p_ccb->p_db->num_uuid_filters,
144 p_ccb->p_db->uuid_filters);
147 /* Set max service record count */
148 UINT16_TO_BE_STREAM(p, sdp_cb.max_recs_per_search);
150 /* Set continuation state */
151 UINT8_TO_BE_STREAM(p, cont_len);
153 /* if this is not the first request */
154 if (cont_len && p_cont) {
155 memcpy(p, p_cont, cont_len);
159 /* Go back and put the parameter length into the buffer */
160 param_len = (uint16_t)(p - p_param_len - 2);
161 UINT16_TO_BE_STREAM(p_param_len, param_len);
163 p_ccb->disc_state = SDP_DISC_WAIT_HANDLES;
165 /* Set the length of the SDP data in the buffer */
166 p_cmd->len = (uint16_t)(p - p_start);
168 #if (SDP_DEBUG_RAW == TRUE)
169 SDP_TRACE_WARNING("sdp_snd_service_search_req cont_len :%d disc_state:%d",
170 cont_len, p_ccb->disc_state);
173 L2CA_DataWrite(p_ccb->connection_id, p_cmd);
175 /* Start inactivity timer */
176 alarm_set_on_mloop(p_ccb->sdp_conn_timer, SDP_INACT_TIMEOUT_MS,
177 sdp_conn_timer_timeout, p_ccb);
180 /*******************************************************************************
182 * Function sdp_disc_connected
184 * Description This function is called when an SDP discovery attempt is
189 ******************************************************************************/
190 void sdp_disc_connected(tCONN_CB* p_ccb) {
191 if (p_ccb->is_attr_search) {
192 p_ccb->disc_state = SDP_DISC_WAIT_SEARCH_ATTR;
194 process_service_search_attr_rsp(p_ccb, NULL, NULL);
196 /* First step is to get a list of the handles from the server. */
197 /* We are not searching for a specific attribute, so we will */
198 /* first search for the service, then get all attributes of it */
200 p_ccb->num_handles = 0;
201 sdp_snd_service_search_req(p_ccb, 0, NULL);
205 /*******************************************************************************
207 * Function sdp_disc_server_rsp
209 * Description This function is called when there is a response from
214 ******************************************************************************/
215 void sdp_disc_server_rsp(tCONN_CB* p_ccb, BT_HDR* p_msg) {
217 bool invalid_pdu = true;
219 #if (SDP_DEBUG_RAW == TRUE)
220 SDP_TRACE_WARNING("sdp_disc_server_rsp disc_state:%d", p_ccb->disc_state);
223 /* stop inactivity timer when we receive a response */
224 alarm_cancel(p_ccb->sdp_conn_timer);
226 /* Got a reply!! Check what we got back */
227 p = (uint8_t*)(p_msg + 1) + p_msg->offset;
228 uint8_t* p_end = p + p_msg->len;
230 BE_STREAM_TO_UINT8(rsp_pdu, p);
235 case SDP_PDU_SERVICE_SEARCH_RSP:
236 if (p_ccb->disc_state == SDP_DISC_WAIT_HANDLES) {
237 process_service_search_rsp(p_ccb, p, p_end);
242 case SDP_PDU_SERVICE_ATTR_RSP:
243 if (p_ccb->disc_state == SDP_DISC_WAIT_ATTR) {
244 process_service_attr_rsp(p_ccb, p, p_end);
249 case SDP_PDU_SERVICE_SEARCH_ATTR_RSP:
250 if (p_ccb->disc_state == SDP_DISC_WAIT_SEARCH_ATTR) {
251 process_service_search_attr_rsp(p_ccb, p, p_end);
258 SDP_TRACE_WARNING("SDP - Unexp. PDU: %d in state: %d", rsp_pdu,
260 sdp_disconnect(p_ccb, SDP_GENERIC_ERROR);
264 /******************************************************************************
266 * Function process_service_search_rsp
268 * Description This function is called when there is a search response from
273 ******************************************************************************/
274 static void process_service_search_rsp(tCONN_CB* p_ccb, uint8_t* p_reply,
275 uint8_t* p_reply_end) {
277 uint16_t total, cur_handles, orig;
280 /* Skip transaction, and param len */
282 BE_STREAM_TO_UINT16(total, p_reply);
283 BE_STREAM_TO_UINT16(cur_handles, p_reply);
285 orig = p_ccb->num_handles;
286 p_ccb->num_handles += cur_handles;
287 if (p_ccb->num_handles == 0) {
288 SDP_TRACE_WARNING("SDP - Rcvd ServiceSearchRsp, no matches");
289 sdp_disconnect(p_ccb, SDP_NO_RECS_MATCH);
293 /* Save the handles that match. We will can only process a certain number. */
294 if (total > sdp_cb.max_recs_per_search) total = sdp_cb.max_recs_per_search;
295 if (p_ccb->num_handles > sdp_cb.max_recs_per_search)
296 p_ccb->num_handles = sdp_cb.max_recs_per_search;
298 for (xx = orig; xx < p_ccb->num_handles; xx++)
299 BE_STREAM_TO_UINT32(p_ccb->handles[xx], p_reply);
301 BE_STREAM_TO_UINT8(cont_len, p_reply);
303 if (cont_len > SDP_MAX_CONTINUATION_LEN) {
304 sdp_disconnect(p_ccb, SDP_INVALID_CONT_STATE);
307 if (p_reply + cont_len > p_reply_end) {
308 android_errorWriteLog(0x534e4554, "68161546");
309 sdp_disconnect(p_ccb, SDP_INVALID_CONT_STATE);
312 /* stay in the same state */
313 sdp_snd_service_search_req(p_ccb, cont_len, p_reply);
316 p_ccb->disc_state = SDP_DISC_WAIT_ATTR;
318 /* Kick off the first attribute request */
319 process_service_attr_rsp(p_ccb, NULL, NULL);
323 /*******************************************************************************
325 * Function sdp_copy_raw_data
327 * Description copy the raw data
332 ******************************************************************************/
333 #if (SDP_RAW_DATA_INCLUDED == TRUE)
334 static void sdp_copy_raw_data(tCONN_CB* p_ccb, bool offset) {
335 unsigned int cpy_len;
340 #if (SDP_DEBUG_RAW == TRUE)
341 uint8_t num_array[SDP_MAX_LIST_BYTE_COUNT];
344 for (i = 0; i < p_ccb->list_len; i++) {
345 snprintf((char*)&num_array[i * 2], sizeof(num_array) - i * 2, "%02X",
346 (uint8_t)(p_ccb->rsp_list[i]));
348 SDP_TRACE_WARNING("result :%s", num_array);
351 if (p_ccb->p_db->raw_data) {
352 cpy_len = p_ccb->p_db->raw_size - p_ccb->p_db->raw_used;
353 list_len = p_ccb->list_len;
354 p = &p_ccb->rsp_list[0];
358 p = sdpu_get_len_from_type(p, type, &list_len);
360 if (list_len < cpy_len) {
364 "%s: list_len:%d cpy_len:%d p:%p p_ccb:%p p_db:%p raw_size:%d "
365 "raw_used:%d raw_data:%p",
366 __func__, list_len, cpy_len, p, p_ccb, p_ccb->p_db,
367 p_ccb->p_db->raw_size, p_ccb->p_db->raw_used, p_ccb->p_db->raw_data);
368 memcpy(&p_ccb->p_db->raw_data[p_ccb->p_db->raw_used], p, cpy_len);
369 p_ccb->p_db->raw_used += cpy_len;
374 /*******************************************************************************
376 * Function process_service_attr_rsp
378 * Description This function is called when there is a attribute response
383 ******************************************************************************/
384 static void process_service_attr_rsp(tCONN_CB* p_ccb, uint8_t* p_reply,
385 uint8_t* p_reply_end) {
386 uint8_t *p_start, *p_param_len;
387 uint16_t param_len, list_byte_count;
388 bool cont_request_needed = false;
390 #if (SDP_DEBUG_RAW == TRUE)
391 SDP_TRACE_WARNING("process_service_attr_rsp raw inc:%d",
392 SDP_RAW_DATA_INCLUDED);
394 /* If p_reply is NULL, we were called after the records handles were read */
396 #if (SDP_DEBUG_RAW == TRUE)
397 SDP_TRACE_WARNING("ID & len: 0x%02x-%02x-%02x-%02x", p_reply[0], p_reply[1],
398 p_reply[2], p_reply[3]);
400 /* Skip transaction ID and length */
403 BE_STREAM_TO_UINT16(list_byte_count, p_reply);
404 #if (SDP_DEBUG_RAW == TRUE)
405 SDP_TRACE_WARNING("list_byte_count:%d", list_byte_count);
408 /* Copy the response to the scratchpad. First, a safety check on the length
410 if ((p_ccb->list_len + list_byte_count) > SDP_MAX_LIST_BYTE_COUNT) {
411 sdp_disconnect(p_ccb, SDP_INVALID_PDU_SIZE);
415 #if (SDP_DEBUG_RAW == TRUE)
416 SDP_TRACE_WARNING("list_len: %d, list_byte_count: %d", p_ccb->list_len,
419 if (p_ccb->rsp_list == NULL)
420 p_ccb->rsp_list = (uint8_t*)osi_malloc(SDP_MAX_LIST_BYTE_COUNT);
421 memcpy(&p_ccb->rsp_list[p_ccb->list_len], p_reply, list_byte_count);
422 p_ccb->list_len += list_byte_count;
423 p_reply += list_byte_count;
424 #if (SDP_DEBUG_RAW == TRUE)
425 SDP_TRACE_WARNING("list_len: %d(attr_rsp)", p_ccb->list_len);
427 /* Check if we need to request a continuation */
428 SDP_TRACE_WARNING("*p_reply:%d(%d)", *p_reply, SDP_MAX_CONTINUATION_LEN);
431 if (*p_reply > SDP_MAX_CONTINUATION_LEN) {
432 sdp_disconnect(p_ccb, SDP_INVALID_CONT_STATE);
435 cont_request_needed = true;
437 #if (SDP_RAW_DATA_INCLUDED == TRUE)
438 SDP_TRACE_WARNING("process_service_attr_rsp");
439 sdp_copy_raw_data(p_ccb, false);
442 /* Save the response in the database. Stop on any error */
443 if (!save_attr_seq(p_ccb, &p_ccb->rsp_list[0],
444 &p_ccb->rsp_list[p_ccb->list_len])) {
445 sdp_disconnect(p_ccb, SDP_DB_FULL);
453 /* Now, ask for the next handle. Re-use the buffer we just got. */
454 if (p_ccb->cur_handle < p_ccb->num_handles) {
455 BT_HDR* p_msg = (BT_HDR*)osi_malloc(SDP_DATA_BUF_SIZE);
458 p_msg->offset = L2CAP_MIN_OFFSET;
459 p = p_start = (uint8_t*)(p_msg + 1) + L2CAP_MIN_OFFSET;
461 /* Get all the attributes from the server */
462 UINT8_TO_BE_STREAM(p, SDP_PDU_SERVICE_ATTR_REQ);
463 UINT16_TO_BE_STREAM(p, p_ccb->transaction_id);
464 p_ccb->transaction_id++;
466 /* Skip the length, we need to add it at the end */
470 UINT32_TO_BE_STREAM(p, p_ccb->handles[p_ccb->cur_handle]);
472 /* Max attribute byte count */
473 UINT16_TO_BE_STREAM(p, sdp_cb.max_attr_list_size);
475 /* If no attribute filters, build a wildcard attribute sequence */
476 if (p_ccb->p_db->num_attr_filters)
477 p = sdpu_build_attrib_seq(p, p_ccb->p_db->attr_filters,
478 p_ccb->p_db->num_attr_filters);
480 p = sdpu_build_attrib_seq(p, NULL, 0);
482 /* Was this a continuation request ? */
483 if (cont_request_needed) {
484 if ((p_reply + *p_reply + 1) <= p_reply_end) {
485 memcpy(p, p_reply, *p_reply + 1);
488 android_errorWriteLog(0x534e4554, "68161546");
491 UINT8_TO_BE_STREAM(p, 0);
493 /* Go back and put the parameter length into the buffer */
494 param_len = (uint16_t)(p - p_param_len - 2);
495 UINT16_TO_BE_STREAM(p_param_len, param_len);
497 /* Set the length of the SDP data in the buffer */
498 p_msg->len = (uint16_t)(p - p_start);
500 L2CA_DataWrite(p_ccb->connection_id, p_msg);
502 /* Start inactivity timer */
503 alarm_set_on_mloop(p_ccb->sdp_conn_timer, SDP_INACT_TIMEOUT_MS,
504 sdp_conn_timer_timeout, p_ccb);
506 sdp_disconnect(p_ccb, SDP_SUCCESS);
511 /*******************************************************************************
513 * Function process_service_search_attr_rsp
515 * Description This function is called when there is a search attribute
516 * response from the server.
520 ******************************************************************************/
521 static void process_service_search_attr_rsp(tCONN_CB* p_ccb, uint8_t* p_reply,
522 uint8_t* p_reply_end) {
523 uint8_t *p, *p_start, *p_end, *p_param_len;
526 uint16_t param_len, lists_byte_count = 0;
527 bool cont_request_needed = false;
529 #if (SDP_DEBUG_RAW == TRUE)
530 SDP_TRACE_WARNING("process_service_search_attr_rsp");
532 /* If p_reply is NULL, we were called for the initial read */
534 if (p_reply + 4 /* transaction ID and length */ + sizeof(lists_byte_count) >
536 android_errorWriteLog(0x534e4554, "79884292");
537 sdp_disconnect(p_ccb, SDP_INVALID_PDU_SIZE);
541 #if (SDP_DEBUG_RAW == TRUE)
542 SDP_TRACE_WARNING("ID & len: 0x%02x-%02x-%02x-%02x", p_reply[0], p_reply[1],
543 p_reply[2], p_reply[3]);
545 /* Skip transaction ID and length */
548 BE_STREAM_TO_UINT16(lists_byte_count, p_reply);
549 #if (SDP_DEBUG_RAW == TRUE)
550 SDP_TRACE_WARNING("lists_byte_count:%d", lists_byte_count);
553 /* Copy the response to the scratchpad. First, a safety check on the length
555 if ((p_ccb->list_len + lists_byte_count) > SDP_MAX_LIST_BYTE_COUNT) {
556 sdp_disconnect(p_ccb, SDP_INVALID_PDU_SIZE);
560 #if (SDP_DEBUG_RAW == TRUE)
561 SDP_TRACE_WARNING("list_len: %d, list_byte_count: %d", p_ccb->list_len,
565 if (p_reply + lists_byte_count + 1 /* continuation */ > p_reply_end) {
566 android_errorWriteLog(0x534e4554, "79884292");
567 sdp_disconnect(p_ccb, SDP_INVALID_PDU_SIZE);
571 if (p_ccb->rsp_list == NULL)
572 p_ccb->rsp_list = (uint8_t*)osi_malloc(SDP_MAX_LIST_BYTE_COUNT);
573 memcpy(&p_ccb->rsp_list[p_ccb->list_len], p_reply, lists_byte_count);
574 p_ccb->list_len += lists_byte_count;
575 p_reply += lists_byte_count;
576 #if (SDP_DEBUG_RAW == TRUE)
577 SDP_TRACE_WARNING("list_len: %d(search_attr_rsp)", p_ccb->list_len);
579 /* Check if we need to request a continuation */
580 SDP_TRACE_WARNING("*p_reply:%d(%d)", *p_reply, SDP_MAX_CONTINUATION_LEN);
583 if (*p_reply > SDP_MAX_CONTINUATION_LEN) {
584 sdp_disconnect(p_ccb, SDP_INVALID_CONT_STATE);
588 cont_request_needed = true;
592 #if (SDP_DEBUG_RAW == TRUE)
593 SDP_TRACE_WARNING("cont_request_needed:%d", cont_request_needed);
595 /* If continuation request (or first time request) */
596 if ((cont_request_needed) || (!p_reply)) {
597 BT_HDR* p_msg = (BT_HDR*)osi_malloc(SDP_DATA_BUF_SIZE);
600 p_msg->offset = L2CAP_MIN_OFFSET;
601 p = p_start = (uint8_t*)(p_msg + 1) + L2CAP_MIN_OFFSET;
603 /* Build a service search request packet */
604 UINT8_TO_BE_STREAM(p, SDP_PDU_SERVICE_SEARCH_ATTR_REQ);
605 UINT16_TO_BE_STREAM(p, p_ccb->transaction_id);
606 p_ccb->transaction_id++;
608 /* Skip the length, we need to add it at the end */
612 /* Build the UID sequence. */
613 #if (SDP_BROWSE_PLUS == TRUE)
614 p = sdpu_build_uuid_seq(p, 1,
615 &p_ccb->p_db->uuid_filters[p_ccb->cur_uuid_idx]);
617 p = sdpu_build_uuid_seq(p, p_ccb->p_db->num_uuid_filters,
618 p_ccb->p_db->uuid_filters);
621 /* Max attribute byte count */
622 UINT16_TO_BE_STREAM(p, sdp_cb.max_attr_list_size);
624 /* If no attribute filters, build a wildcard attribute sequence */
625 if (p_ccb->p_db->num_attr_filters)
626 p = sdpu_build_attrib_seq(p, p_ccb->p_db->attr_filters,
627 p_ccb->p_db->num_attr_filters);
629 p = sdpu_build_attrib_seq(p, NULL, 0);
631 /* No continuation for first request */
633 if ((p_reply + *p_reply + 1) <= p_reply_end) {
634 memcpy(p, p_reply, *p_reply + 1);
637 android_errorWriteLog(0x534e4554, "68161546");
640 UINT8_TO_BE_STREAM(p, 0);
642 /* Go back and put the parameter length into the buffer */
643 param_len = p - p_param_len - 2;
644 UINT16_TO_BE_STREAM(p_param_len, param_len);
646 /* Set the length of the SDP data in the buffer */
647 p_msg->len = p - p_start;
649 L2CA_DataWrite(p_ccb->connection_id, p_msg);
651 /* Start inactivity timer */
652 alarm_set_on_mloop(p_ccb->sdp_conn_timer, SDP_INACT_TIMEOUT_MS,
653 sdp_conn_timer_timeout, p_ccb);
658 /*******************************************************************/
659 /* We now have the full response, which is a sequence of sequences */
660 /*******************************************************************/
662 #if (SDP_RAW_DATA_INCLUDED == TRUE)
663 SDP_TRACE_WARNING("process_service_search_attr_rsp");
664 sdp_copy_raw_data(p_ccb, true);
667 p = &p_ccb->rsp_list[0];
669 /* The contents is a sequence of attribute sequences */
672 if ((type >> 3) != DATA_ELE_SEQ_DESC_TYPE) {
673 SDP_TRACE_WARNING("SDP - Wrong type: 0x%02x in attr_rsp", type);
676 p = sdpu_get_len_from_type(p, type, &seq_len);
678 p_end = &p_ccb->rsp_list[p_ccb->list_len];
680 if ((p + seq_len) != p_end) {
681 sdp_disconnect(p_ccb, SDP_INVALID_CONT_STATE);
686 p = save_attr_seq(p_ccb, p, &p_ccb->rsp_list[p_ccb->list_len]);
688 sdp_disconnect(p_ccb, SDP_DB_FULL);
693 /* Since we got everything we need, disconnect the call */
694 sdp_disconnect(p_ccb, SDP_SUCCESS);
697 /*******************************************************************************
699 * Function save_attr_seq
701 * Description This function is called when there is a response from
704 * Returns pointer to next byte or NULL if error
706 ******************************************************************************/
707 static uint8_t* save_attr_seq(tCONN_CB* p_ccb, uint8_t* p, uint8_t* p_msg_end) {
708 uint32_t seq_len, attr_len;
710 uint8_t type, *p_seq_end;
711 tSDP_DISC_REC* p_rec;
715 if ((type >> 3) != DATA_ELE_SEQ_DESC_TYPE) {
716 SDP_TRACE_WARNING("SDP - Wrong type: 0x%02x in attr_rsp", type);
720 p = sdpu_get_len_from_type(p, type, &seq_len);
721 if ((p + seq_len) > p_msg_end) {
722 SDP_TRACE_WARNING("SDP - Bad len in attr_rsp %d", seq_len);
726 /* Create a record */
727 p_rec = add_record(p_ccb->p_db, p_ccb->device_address);
729 SDP_TRACE_WARNING("SDP - DB full add_record");
733 p_seq_end = p + seq_len;
735 while (p < p_seq_end) {
736 /* First get the attribute ID */
738 p = sdpu_get_len_from_type(p, type, &attr_len);
739 if (((type >> 3) != UINT_DESC_TYPE) || (attr_len != 2)) {
740 SDP_TRACE_WARNING("SDP - Bad type: 0x%02x or len: %d in attr_rsp", type,
744 BE_STREAM_TO_UINT16(attr_id, p);
746 /* Now, add the attribute value */
747 p = add_attr(p, p_ccb->p_db, p_rec, attr_id, NULL, 0);
750 SDP_TRACE_WARNING("SDP - DB full add_attr");
758 /*******************************************************************************
760 * Function add_record
762 * Description This function allocates space for a record from the DB.
764 * Returns pointer to next byte in data stream
766 ******************************************************************************/
767 tSDP_DISC_REC* add_record(tSDP_DISCOVERY_DB* p_db, const RawAddress& p_bda) {
768 tSDP_DISC_REC* p_rec;
770 /* See if there is enough space in the database */
771 if (p_db->mem_free < sizeof(tSDP_DISC_REC)) return (NULL);
773 p_rec = (tSDP_DISC_REC*)p_db->p_free_mem;
774 p_db->p_free_mem += sizeof(tSDP_DISC_REC);
775 p_db->mem_free -= sizeof(tSDP_DISC_REC);
777 p_rec->p_first_attr = NULL;
778 p_rec->p_next_rec = NULL;
780 p_rec->remote_bd_addr = p_bda;
782 /* Add the record to the end of chain */
783 if (!p_db->p_first_rec)
784 p_db->p_first_rec = p_rec;
786 tSDP_DISC_REC* p_rec1 = p_db->p_first_rec;
788 while (p_rec1->p_next_rec) p_rec1 = p_rec1->p_next_rec;
790 p_rec1->p_next_rec = p_rec;
796 #define SDP_ADDITIONAL_LIST_MASK 0x80
797 /*******************************************************************************
801 * Description This function allocates space for an attribute from the DB
802 * and copies the data into it.
804 * Returns pointer to next byte in data stream
806 ******************************************************************************/
807 static uint8_t* add_attr(uint8_t* p, tSDP_DISCOVERY_DB* p_db,
808 tSDP_DISC_REC* p_rec, uint16_t attr_id,
809 tSDP_DISC_ATTR* p_parent_attr, uint8_t nest_level) {
810 tSDP_DISC_ATTR* p_attr;
817 uint8_t is_additional_list = nest_level & SDP_ADDITIONAL_LIST_MASK;
819 nest_level &= ~(SDP_ADDITIONAL_LIST_MASK);
822 p = sdpu_get_len_from_type(p, type, &attr_len);
824 attr_len &= SDP_DISC_ATTR_LEN_MASK;
825 attr_type = (type >> 3) & 0x0f;
827 /* See if there is enough space in the database */
829 total_len = attr_len - 4 + (uint16_t)sizeof(tSDP_DISC_ATTR);
831 total_len = sizeof(tSDP_DISC_ATTR);
833 /* Ensure it is a multiple of 4 */
834 total_len = (total_len + 3) & ~3;
836 /* See if there is enough space in the database */
837 if (p_db->mem_free < total_len) return (NULL);
839 p_attr = (tSDP_DISC_ATTR*)p_db->p_free_mem;
840 p_attr->attr_id = attr_id;
841 p_attr->attr_len_type = (uint16_t)attr_len | (attr_type << 12);
842 p_attr->p_next_attr = NULL;
844 /* Store the attribute value */
847 if ((is_additional_list != 0) && (attr_len == 2)) {
848 BE_STREAM_TO_UINT16(id, p);
849 if (id != ATTR_ID_PROTOCOL_DESC_LIST)
852 /* Reserve the memory for the attribute now, as we need to add
854 p_db->p_free_mem += sizeof(tSDP_DISC_ATTR);
855 p_db->mem_free -= sizeof(tSDP_DISC_ATTR);
856 p_end = p + attr_len;
859 /* SDP_TRACE_DEBUG ("SDP - attr nest level:%d(list)", nest_level); */
860 if (nest_level >= MAX_NEST_LEVELS) {
861 SDP_TRACE_ERROR("SDP - attr nesting too deep");
865 /* Now, add the list entry */
866 p = add_attr(p, p_db, p_rec, ATTR_ID_PROTOCOL_DESC_LIST, p_attr,
867 (uint8_t)(nest_level + 1));
872 /* Case falls through */
874 case TWO_COMP_INT_DESC_TYPE:
877 p_attr->attr_value.v.u8 = *p++;
880 BE_STREAM_TO_UINT16(p_attr->attr_value.v.u16, p);
883 BE_STREAM_TO_UINT32(p_attr->attr_value.v.u32, p);
886 BE_STREAM_TO_ARRAY(p, p_attr->attr_value.v.array, (int32_t)attr_len);
894 BE_STREAM_TO_UINT16(p_attr->attr_value.v.u16, p);
897 BE_STREAM_TO_UINT32(p_attr->attr_value.v.u32, p);
898 if (p_attr->attr_value.v.u32 < 0x10000) {
900 p_attr->attr_len_type = (uint16_t)attr_len | (attr_type << 12);
901 p_attr->attr_value.v.u16 = (uint16_t)p_attr->attr_value.v.u32;
905 /* See if we can compress his UUID down to 16 or 32bit UUIDs */
906 if (sdpu_is_base_uuid(p)) {
907 if ((p[0] == 0) && (p[1] == 0)) {
908 p_attr->attr_len_type =
909 (p_attr->attr_len_type & ~SDP_DISC_ATTR_LEN_MASK) | 2;
911 BE_STREAM_TO_UINT16(p_attr->attr_value.v.u16, p);
912 p += MAX_UUID_SIZE - 4;
914 p_attr->attr_len_type =
915 (p_attr->attr_len_type & ~SDP_DISC_ATTR_LEN_MASK) | 4;
916 BE_STREAM_TO_UINT32(p_attr->attr_value.v.u32, p);
917 p += MAX_UUID_SIZE - 4;
920 BE_STREAM_TO_ARRAY(p, p_attr->attr_value.v.array,
925 SDP_TRACE_WARNING("SDP - bad len in UUID attr: %d", attr_len);
926 return (p + attr_len);
930 case DATA_ELE_SEQ_DESC_TYPE:
931 case DATA_ELE_ALT_DESC_TYPE:
932 /* Reserve the memory for the attribute now, as we need to add
934 p_db->p_free_mem += sizeof(tSDP_DISC_ATTR);
935 p_db->mem_free -= sizeof(tSDP_DISC_ATTR);
936 p_end = p + attr_len;
939 /* SDP_TRACE_DEBUG ("SDP - attr nest level:%d", nest_level); */
940 if (nest_level >= MAX_NEST_LEVELS) {
941 SDP_TRACE_ERROR("SDP - attr nesting too deep");
944 if (is_additional_list != 0 ||
945 attr_id == ATTR_ID_ADDITION_PROTO_DESC_LISTS)
946 nest_level |= SDP_ADDITIONAL_LIST_MASK;
947 /* SDP_TRACE_DEBUG ("SDP - attr nest level:0x%x(finish)", nest_level); */
950 /* Now, add the list entry */
951 p = add_attr(p, p_db, p_rec, 0, p_attr, (uint8_t)(nest_level + 1));
953 if (!p) return (NULL);
957 case TEXT_STR_DESC_TYPE:
959 BE_STREAM_TO_ARRAY(p, p_attr->attr_value.v.array, (int32_t)attr_len);
962 case BOOLEAN_DESC_TYPE:
965 p_attr->attr_value.v.u8 = *p++;
968 SDP_TRACE_WARNING("SDP - bad len in boolean attr: %d", attr_len);
969 return (p + attr_len);
973 default: /* switch (attr_type) */
977 p_db->p_free_mem += total_len;
978 p_db->mem_free -= total_len;
980 /* Add the attribute to the end of the chain */
981 if (!p_parent_attr) {
982 if (!p_rec->p_first_attr)
983 p_rec->p_first_attr = p_attr;
985 tSDP_DISC_ATTR* p_attr1 = p_rec->p_first_attr;
987 while (p_attr1->p_next_attr) p_attr1 = p_attr1->p_next_attr;
989 p_attr1->p_next_attr = p_attr;
992 if (!p_parent_attr->attr_value.v.p_sub_attr) {
993 p_parent_attr->attr_value.v.p_sub_attr = p_attr;
994 /* SDP_TRACE_DEBUG ("parent:0x%x(id:%d), ch:0x%x(id:%d)",
995 p_parent_attr, p_parent_attr->attr_id, p_attr, p_attr->attr_id); */
997 tSDP_DISC_ATTR* p_attr1 = p_parent_attr->attr_value.v.p_sub_attr;
998 /* SDP_TRACE_DEBUG ("parent:0x%x(id:%d), ch1:0x%x(id:%d)",
999 p_parent_attr, p_parent_attr->attr_id, p_attr1, p_attr1->attr_id); */
1001 while (p_attr1->p_next_attr) p_attr1 = p_attr1->p_next_attr;
1003 p_attr1->p_next_attr = p_attr;
1004 /* SDP_TRACE_DEBUG ("new ch:0x%x(id:%d)", p_attr, p_attr->attr_id); */