OSDN Git Service

Fix insufficient buffer size allocation in hci_inject
author Mudumba Ananth <ananthm@broadcom.com>
Thu, 4 Jun 2015 13:00:48 +0000 (06:00 -0700)
committer Andre Eisenbach <eisenbach@google.com>
Mon, 15 Jun 2015 22:28:46 +0000 (15:28 -0700)
A bug in the hci_inject when requesting a buffer to carry the
injected HCI packet. The allocated size should include the BT_HDR
header size.

Change-Id: Ic1fd41264249103140ce50dff843a99a6bd7dbd8

hci/src/hci_inject.c

index 169295b..a17a3d3 100644 (file)
@@ -167,7 +167,7 @@ static void read_ready(UNUSED_ATTR socket_t *socket, void *context) {
     // TODO(sharvil): once we have an HCI parser, we can eliminate
     //   the 2-byte size field since it will be contained in the packet.
 
-    BT_HDR *buf = (BT_HDR *)buffer_allocator->alloc(packet_len);
+    BT_HDR *buf = (BT_HDR *)buffer_allocator->alloc(BT_HDR_SIZE + packet_len);
     if (buf) {
       buf->event = hci_packet_to_event(packet_type);
       buf->offset = 0;
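
Review bot: The sum `BT_HDR_SIZE + packet_len` passed to `buffer_allocator->alloc` on the changed line is computed with no visible bound on `packet_len`, which the TODO comment above ties to a 2-byte size field read in `read_ready`. The declaration of `packet_len` is outside this hunk, so please confirm its type is wide enough that the addition cannot wrap, and consider rejecting lengths above an explicit upper limit before allocating. A one-line comment stating that the allocation covers the BT_HDR header plus the payload would also help, since the writes that follow (`buf->event`, `buf->offset`) land in that header and the old call sized the buffer for the payload alone.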