OSDN Git Service

BLE: Don't access freed buffer in log message
authorNitin Shivpure <nshivpur@codeaurora.org>
Tue, 6 Feb 2018 12:48:37 +0000 (18:18 +0530)
committerJakub Pawlowski <jpawlowski@google.com>
Fri, 13 Jul 2018 10:21:43 +0000 (10:21 +0000)
When GATT fail to write data on L2CAP, buffer is freed by L2CAP.
Accessing the buffer leads to fatal failure while printing the message info.

Test: BLE discover services and BT off test cases

Fixes: 73018520
Change-Id: I661398fd1321f6e68026b3720db4965fd6584d70
Merged-In: I661398fd1321f6e68026b3720db4965fd6584d70

stack/gatt/att_protocol.c

index 00512e2..08ca7fd 100644 (file)
@@ -364,8 +364,7 @@ tGATT_STATUS attp_send_msg_to_l2cap(tGATT_TCB *p_tcb, BT_HDR *p_toL2CAP)
 
     if (l2cap_ret == L2CAP_DW_FAILED)
     {
-        GATT_TRACE_ERROR("ATT   failed to pass msg:0x%0x to L2CAP",
-            *((UINT8 *)(p_toL2CAP + 1) + p_toL2CAP->offset));
+        GATT_TRACE_ERROR("ATT   failed to pass msg to L2CAP");
         return GATT_INTERNAL_ERROR;
     }
     else if (l2cap_ret == L2CAP_DW_CONGESTED)