From: xiaoshun.xu Date: Tue, 18 Aug 2020 17:57:09 +0000 (+0800) Subject: Refactor: Fix BT device name length issue X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=624c787a77d189ab0fa3a992a9a6895a2255d5d1;p=android-x86%2Fsystem-bt.git Refactor: Fix BT device name length issue BT device name only show 247bytes on settings, it supposed to show 248bytes if local device and remote device have 248bytes' name. Increasing the argument passed to function strlcpy&memcpy bt 1 will resolve the issue. Tag: #refactor Bug: 162480697 Sponsor: mylesgw Test: cert/run --host Change-Id: Ib3fa7d78e39f0a9330658f9ce2b4a67003d7114d --- diff --git a/bta/dm/bta_dm_act.cc b/bta/dm/bta_dm_act.cc index bd0e87b66..e7dbe3032 100644 --- a/bta/dm/bta_dm_act.cc +++ b/bta/dm/bta_dm_act.cc @@ -686,8 +686,8 @@ void bta_dm_bond(const RawAddress& bd_addr, tBLE_ADDR_TYPE addr_type, sec_event.auth_cmpl.bd_addr = bd_addr; p_name = BTM_SecReadDevName(bd_addr); if (p_name != NULL) { - memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN - 1)); - sec_event.auth_cmpl.bd_name[BD_NAME_LEN - 1] = 0; + memcpy(sec_event.auth_cmpl.bd_name, p_name, BD_NAME_LEN); + sec_event.auth_cmpl.bd_name[BD_NAME_LEN] = 0; } /* taken care of by memset [above] @@ -1028,7 +1028,7 @@ void bta_dm_sdp_result(tBTA_DM_MSG* p_data) { /* send result back to app now, one by one */ result.disc_ble_res.bd_addr = bta_dm_search_cb.peer_bdaddr; strlcpy((char*)result.disc_ble_res.bd_name, bta_dm_get_remname(), - BD_NAME_LEN); + BD_NAME_LEN + 1); result.disc_ble_res.service = service_uuid; bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result); @@ -1137,7 +1137,7 @@ void bta_dm_sdp_result(tBTA_DM_MSG* p_data) { } p_msg->disc_result.result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr; strlcpy((char*)p_msg->disc_result.result.disc_res.bd_name, - bta_dm_get_remname(), BD_NAME_LEN); + bta_dm_get_remname(), BD_NAME_LEN + 1); bta_sys_sendmsg(p_msg); } 
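Review bot: In the `bta_dm_bond` hunk (@@ -686), `sec_event.auth_cmpl.bd_name[BD_NAME_LEN] = 0` is in bounds only if `bd_name` is declared with BD_NAME_LEN + 1 elements, and that declaration is not part of this diff. Every `[BD_NAME_LEN]` store and every `BD_NAME_LEN + 1` or `BTM_MAX_REM_BD_NAME_LEN + 1` bound in this commit rests on the same assumption (bta_dm_act.cc, the `bt_bdname_t` copies in btif_dm.cc, and the `sec_bd_name` and `btm_cb.cfg.bd_name` copies under stack/btm), so a mismatch anywhere is a one-byte write past the array. Passing `sizeof` of the destination as the bound, or adding a `static_assert(sizeof(...) > BD_NAME_LEN, ...)` beside each declaration, would let the compiler check it. Separately, the `memcpy` here, in `bta_dm_new_link_key_cback` (@@ -1892) and in `bta_dm_authentication_complete_cback` (@@ -1933) reads a fixed BD_NAME_LEN bytes from the source whatever the string's real length. `strlcpy((char*)sec_event.auth_cmpl.bd_name, p_name, sizeof(sec_event.auth_cmpl.bd_name));` would stop at the terminator, assuming `bd_name` is an array member.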
@@ -1161,7 +1161,7 @@ void bta_dm_sdp_result(tBTA_DM_MSG* p_data) { bta_dm_search_cb.services_found; p_msg->disc_result.result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr; strlcpy((char*)p_msg->disc_result.result.disc_res.bd_name, - bta_dm_get_remname(), BD_NAME_LEN); + bta_dm_get_remname(), BD_NAME_LEN + 1); bta_sys_sendmsg(p_msg); } @@ -1444,7 +1444,7 @@ static void bta_dm_find_services(const RawAddress& bd_addr) { bta_dm_search_cb.services_found; p_msg->disc_result.result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr; strlcpy((char*)p_msg->disc_result.result.disc_res.bd_name, - bta_dm_get_remname(), BD_NAME_LEN); + bta_dm_get_remname(), BD_NAME_LEN + 1); bta_sys_sendmsg(p_msg); } @@ -1594,7 +1594,7 @@ static void bta_dm_discover_device(const RawAddress& remote_bd_addr) { p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; p_msg->disc_result.result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr; strlcpy((char*)p_msg->disc_result.result.disc_res.bd_name, - (char*)bta_dm_search_cb.peer_name, BD_NAME_LEN); + (char*)bta_dm_search_cb.peer_name, BD_NAME_LEN + 1); bta_sys_sendmsg(p_msg); } @@ -1701,12 +1701,11 @@ static void bta_dm_service_search_remname_cback(const RawAddress& bd_addr, /* if this is what we are looking for */ if (bta_dm_search_cb.peer_bdaddr == bd_addr) { - rem_name.length = strlen((char*)bd_name); - if (rem_name.length > (BD_NAME_LEN - 1)) { - rem_name.length = (BD_NAME_LEN - 1); - rem_name.remote_bd_name[(BD_NAME_LEN - 1)] = 0; + rem_name.length = strlcpy((char*)rem_name.remote_bd_name, (char*)bd_name, + BD_NAME_LEN + 1); + if (rem_name.length > BD_NAME_LEN) { + rem_name.length = BD_NAME_LEN; } - strlcpy((char*)rem_name.remote_bd_name, (char*)bd_name, BD_NAME_LEN); rem_name.status = BTM_SUCCESS; bta_dm_remname_cback(&rem_name); 
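Review bot: In `bta_dm_service_search_remname_cback` (@@ -1701), the clamp after `strlcpy` is needed only because strlcpy returns the length of the source rather than the number of bytes stored, and that deserves a comment so the `if` is not later removed as dead code. Something like `// strlcpy returns strlen(bd_name); clamp to what fits in remote_bd_name` above the check would do. Computing that return value walks `bd_name` to its terminator, so the callback still depends on the caller passing a NUL-terminated name, as the removed `strlen` did. The function body continues outside the hunk.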
@@ -1748,7 +1747,7 @@ static void bta_dm_remname_cback(void* p) { /* remote name discovery is done but it could be failed */ bta_dm_search_cb.name_discover_done = true; strlcpy((char*)bta_dm_search_cb.peer_name, - (char*)p_remote_name->remote_bd_name, BD_NAME_LEN); + (char*)p_remote_name->remote_bd_name, BD_NAME_LEN + 1); BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback); @@ -1760,7 +1759,7 @@ static void bta_dm_remname_cback(void* p) { (tBTA_DM_REM_NAME*)osi_malloc(sizeof(tBTA_DM_REM_NAME)); p_msg->result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr; strlcpy((char*)p_msg->result.disc_res.bd_name, - (char*)p_remote_name->remote_bd_name, BD_NAME_LEN); + (char*)p_remote_name->remote_bd_name, BD_NAME_LEN + 1); p_msg->hdr.event = BTA_DM_REMT_NAME_EVT; bta_sys_sendmsg(p_msg); @@ -1787,12 +1786,11 @@ static void bta_dm_pinname_cback(void* p_data) { BTA_COPY_DEVICE_CLASS(sec_event.cfm_req.dev_class, bta_dm_cb.pin_dev_class); if (p_result && p_result->status == BTM_SUCCESS) { - bytes_to_copy = (p_result->length < (BD_NAME_LEN - 1)) - ? p_result->length - : (BD_NAME_LEN - 1); + bytes_to_copy = + (p_result->length < BD_NAME_LEN) ? p_result->length : BD_NAME_LEN; memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy); - sec_event.pin_req.bd_name[BD_NAME_LEN - 1] = 0; + sec_event.pin_req.bd_name[BD_NAME_LEN] = 0; } else /* No name found */ sec_event.cfm_req.bd_name[0] = 0; 
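Review bot: In the first `bta_dm_pinname_cback` branch (@@ -1787), the name is copied into `sec_event.cfm_req.bd_name` but the terminator is written to `sec_event.pin_req.bd_name`, and at the fixed index BD_NAME_LEN rather than directly after the copied bytes. That produces a terminated `cfm_req` name only if the two members overlay each other at the same offset and the buffer was zeroed beforehand, neither of which this hunk shows. Terminating what was just written removes both assumptions: `sec_event.cfm_req.bd_name[bytes_to_copy] = 0;`. The function starts and ends outside the hunk.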
@@ -1813,12 +1811,11 @@ static void bta_dm_pinname_cback(void* p_data) { BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, bta_dm_cb.pin_dev_class); if (p_result && p_result->status == BTM_SUCCESS) { - bytes_to_copy = (p_result->length < (BD_NAME_LEN - 1)) - ? p_result->length - : (BD_NAME_LEN - 1); + bytes_to_copy = (p_result->length < BD_NAME_LEN) ? p_result->length + : (BD_NAME_LEN - 1); memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name, bytes_to_copy); - sec_event.pin_req.bd_name[BD_NAME_LEN - 1] = 0; + sec_event.pin_req.bd_name[BD_NAME_LEN] = 0; } else /* No name found */ sec_event.pin_req.bd_name[0] = 0; @@ -1861,7 +1858,7 @@ static uint8_t bta_dm_pin_cback(const RawAddress& bd_addr, DEV_CLASS dev_class, sec_event.pin_req.bd_addr = bd_addr; BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class); - strlcpy((char*)sec_event.pin_req.bd_name, (char*)bd_name, BD_NAME_LEN); + strlcpy((char*)sec_event.pin_req.bd_name, (char*)bd_name, BD_NAME_LEN + 1); sec_event.pin_req.min_16_digit = min_16_digit; bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event); @@ -1892,8 +1889,8 @@ static uint8_t bta_dm_new_link_key_cback(const RawAddress& bd_addr, p_auth_cmpl->bd_addr = bd_addr; - memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN - 1)); - p_auth_cmpl->bd_name[BD_NAME_LEN - 1] = 0; + memcpy(p_auth_cmpl->bd_name, bd_name, BD_NAME_LEN); + p_auth_cmpl->bd_name[BD_NAME_LEN] = 0; p_auth_cmpl->key_present = true; p_auth_cmpl->key_type = key_type; p_auth_cmpl->success = true; 
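Review bot: In the second `bta_dm_pinname_cback` branch (@@ -1813), the new ternary compares against BD_NAME_LEN but still falls back to `(BD_NAME_LEN - 1)`, so a name of exactly BD_NAME_LEN bytes is cut by one byte on this path, which is the case the commit sets out to fix. The branch above uses BD_NAME_LEN on both sides; this one should read `bytes_to_copy = (p_result->length < BD_NAME_LEN) ? p_result->length : BD_NAME_LEN;`. As in that branch, `sec_event.pin_req.bd_name[bytes_to_copy] = 0;` would terminate at the copied length instead of relying on the rest of the buffer already being zero.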
@@ -1933,8 +1930,8 @@ static uint8_t bta_dm_authentication_complete_cback( memset(&sec_event, 0, sizeof(tBTA_DM_SEC)); sec_event.auth_cmpl.bd_addr = bd_addr; - memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN - 1)); - sec_event.auth_cmpl.bd_name[BD_NAME_LEN - 1] = 0; + memcpy(sec_event.auth_cmpl.bd_name, bd_name, BD_NAME_LEN); + sec_event.auth_cmpl.bd_name[BD_NAME_LEN] = 0; // Report the BR link key based on the BR/EDR address and type BTM_ReadDevInfo(bd_addr, &sec_event.auth_cmpl.dev_type, @@ -2042,7 +2039,7 @@ static uint8_t bta_dm_sp_cback(tBTM_SP_EVT event, tBTM_SP_EVT_DATA* p_data) { BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->cfm_req.dev_class); strlcpy((char*)sec_event.key_notif.bd_name, - (char*)p_data->cfm_req.bd_name, BD_NAME_LEN); + (char*)p_data->cfm_req.bd_name, BD_NAME_LEN + 1); } } @@ -2065,8 +2062,8 @@ static uint8_t bta_dm_sp_cback(tBTM_SP_EVT event, tBTM_SP_EVT_DATA* p_data) { BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->key_notif.dev_class); strlcpy((char*)sec_event.key_notif.bd_name, - (char*)p_data->key_notif.bd_name, BD_NAME_LEN); - sec_event.key_notif.bd_name[BD_NAME_LEN - 1] = 0; + (char*)p_data->key_notif.bd_name, BD_NAME_LEN + 1); + sec_event.key_notif.bd_name[BD_NAME_LEN] = 0; } } @@ -3133,7 +3130,7 @@ static uint8_t bta_dm_ble_smp_cback(tBTM_LE_EVT event, const RawAddress& bda, sec_event.ble_req.bd_addr = bda; p_name = BTM_SecReadDevName(bda); if (p_name != NULL) - strlcpy((char*)sec_event.ble_req.bd_name, p_name, BD_NAME_LEN); + strlcpy((char*)sec_event.ble_req.bd_name, p_name, BD_NAME_LEN + 1); else sec_event.ble_req.bd_name[0] = 0; bta_dm_cb.p_sec_cback(BTA_DM_BLE_SEC_REQ_EVT, &sec_event); 
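Review bot: In the `bta_dm_sp_cback` key-notification hunk (@@ -2065), the explicit `sec_event.key_notif.bd_name[BD_NAME_LEN] = 0;` after `strlcpy(..., BD_NAME_LEN + 1)` is redundant, because strlcpy always terminates within the size it is given. The sibling hunk at @@ -2042 performs the same copy without it. Dropping the line keeps the two branches identical and leaves one fewer hard-coded index to keep in step with the array size.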
@@ -3143,7 +3140,7 @@ static uint8_t bta_dm_ble_smp_cback(tBTM_LE_EVT event, const RawAddress& bda, sec_event.key_notif.bd_addr = bda; p_name = BTM_SecReadDevName(bda); if (p_name != NULL) - strlcpy((char*)sec_event.key_notif.bd_name, p_name, BD_NAME_LEN); + strlcpy((char*)sec_event.key_notif.bd_name, p_name, BD_NAME_LEN + 1); else sec_event.key_notif.bd_name[0] = 0; sec_event.key_notif.passkey = p_data->key_notif; @@ -3163,7 +3160,7 @@ static uint8_t bta_dm_ble_smp_cback(tBTM_LE_EVT event, const RawAddress& bda, case BTM_LE_NC_REQ_EVT: sec_event.key_notif.bd_addr = bda; strlcpy((char*)sec_event.key_notif.bd_name, bta_dm_get_remname(), - (BD_NAME_LEN)); + (BD_NAME_LEN + 1)); sec_event.key_notif.passkey = p_data->key_notif; bta_dm_cb.p_sec_cback(BTA_DM_BLE_NC_REQ_EVT, &sec_event); break; @@ -3186,7 +3183,7 @@ static uint8_t bta_dm_ble_smp_cback(tBTM_LE_EVT event, const RawAddress& bda, &sec_event.auth_cmpl.addr_type); p_name = BTM_SecReadDevName(bda); if (p_name != NULL) - strlcpy((char*)sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN)); + strlcpy((char*)sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN + 1)); else sec_event.auth_cmpl.bd_name[0] = 0; @@ -3471,7 +3468,7 @@ static void bta_dm_gatt_disc_result(tBTA_GATT_ID service_id) { /* send result back to app now, one by one */ result.disc_ble_res.bd_addr = bta_dm_search_cb.peer_bdaddr; strlcpy((char*)result.disc_ble_res.bd_name, bta_dm_get_remname(), - BD_NAME_LEN); + BD_NAME_LEN + 1); result.disc_ble_res.service = service_id.uuid; bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result); 
@@ -3503,7 +3500,7 @@ static void bta_dm_gatt_disc_complete(uint16_t conn_id, tGATT_STATUS status) { p_msg->disc_result.result.disc_res.p_uuid_list = NULL; p_msg->disc_result.result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr; strlcpy((char*)p_msg->disc_result.result.disc_res.bd_name, - bta_dm_get_remname(), BD_NAME_LEN); + bta_dm_get_remname(), BD_NAME_LEN + 1); p_msg->disc_result.result.disc_res.device_type |= BT_DEVICE_TYPE_BLE; diff --git a/bta/dm/bta_dm_api.cc b/bta/dm/bta_dm_api.cc index cb337aba7..33ffdc678 100644 --- a/bta/dm/bta_dm_api.cc +++ b/bta/dm/bta_dm_api.cc @@ -58,8 +58,8 @@ void BTA_EnableTestMode(void) { /** This function sets the Bluetooth name of local device */ void BTA_DmSetDeviceName(char* p_name) { - std::vector name(BD_NAME_LEN); - strlcpy((char*)name.data(), p_name, BD_NAME_LEN); + std::vector name(BD_NAME_LEN + 1); + strlcpy((char*)name.data(), p_name, BD_NAME_LEN + 1); do_in_main_thread(FROM_HERE, base::Bind(bta_dm_set_dev_name, name)); } diff --git a/btif/src/btif_dm.cc b/btif/src/btif_dm.cc index de6b1bf8a..06e904d86 100644 --- a/btif/src/btif_dm.cc +++ b/btif/src/btif_dm.cc @@ -743,6 +743,7 @@ static void btif_dm_pin_req_evt(tBTA_DM_PIN_REQ* p_pin_req) { const RawAddress& bd_addr = p_pin_req->bd_addr; memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); + bd_name.name[BD_NAME_LEN] = '\0'; if (pairing_cb.state == BT_BOND_STATE_BONDING && bd_addr != pairing_cb.bd_addr) { @@ -905,6 +906,7 @@ static void btif_dm_ssp_key_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif) { RawAddress bd_addr = p_ssp_key_notif->bd_addr; memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); + bd_name.name[BD_NAME_LEN] = '\0'; bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); pairing_cb.is_ssp = true; 
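Review bot: In `BTA_DmSetDeviceName` (bta/dm/bta_dm_api.cc), the buffer size and the copy bound are now two separate `BD_NAME_LEN + 1` literals that have to be edited together. Taking the bound from the buffer keeps them tied: `strlcpy((char*)name.data(), p_name, name.size());`. `p_name` is also passed to strlcpy without a null check; if any caller can hand in NULL, a guard is needed before the copy.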
@@ -2394,6 +2396,7 @@ static void btif_dm_ble_key_notif_evt(tBTA_DM_SP_KEY_NOTIF* p_ssp_key_notif) { (tBT_DEVICE_TYPE)dev_type); bd_addr = p_ssp_key_notif->bd_addr; memcpy(bd_name.name, p_ssp_key_notif->bd_name, BD_NAME_LEN); + bd_name.name[BD_NAME_LEN] = '\0'; bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); pairing_cb.is_ssp = false; @@ -2600,6 +2603,7 @@ void btif_dm_ble_sec_req_evt(tBTA_DM_BLE_SEC_REQ* p_ble_req) { RawAddress bd_addr = p_ble_req->bd_addr; memcpy(bd_name.name, p_ble_req->bd_name, BD_NAME_LEN); + bd_name.name[BD_NAME_LEN] = '\0'; bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); @@ -2637,6 +2641,7 @@ static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ* p_pin_req) { RawAddress bd_addr = p_pin_req->bd_addr; memcpy(bd_name.name, p_pin_req->bd_name, BD_NAME_LEN); + bd_name.name[BD_NAME_LEN] = '\0'; bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); pairing_cb.is_le_only = true; @@ -2657,6 +2662,7 @@ static void btif_dm_ble_key_nc_req_evt(tBTA_DM_SP_KEY_NOTIF* p_notif_req) { bt_bdname_t bd_name; memcpy(bd_name.name, p_notif_req->bd_name, BD_NAME_LEN); + bd_name.name[BD_NAME_LEN] = '\0'; bond_state_changed(BT_STATUS_SUCCESS, bd_addr, BT_BOND_STATE_BONDING); pairing_cb.is_ssp = false; diff --git a/stack/btm/btm_ble.cc b/stack/btm/btm_ble.cc index 3cbd531da..8edbc0b58 100644 --- a/stack/btm/btm_ble.cc +++ b/stack/btm/btm_ble.cc @@ -105,7 +105,7 @@ bool BTM_SecAddBleDevice(const RawAddress& bd_addr, BD_NAME bd_name, if (bd_name && bd_name[0]) { p_dev_rec->sec_flags |= BTM_SEC_NAME_KNOWN; strlcpy((char*)p_dev_rec->sec_bd_name, (char*)bd_name, - BTM_MAX_REM_BD_NAME_LEN); + BTM_MAX_REM_BD_NAME_LEN + 1); } p_dev_rec->device_type |= dev_type; p_dev_rec->ble.ble_addr_type = addr_type; diff --git a/stack/btm/btm_dev.cc b/stack/btm/btm_dev.cc index 3df6832e1..d1666b003 100644 --- a/stack/btm/btm_dev.cc +++ b/stack/btm/btm_dev.cc 
@@ -96,7 +96,7 @@ bool BTM_SecAddDevice(const RawAddress& bd_addr, DEV_CLASS dev_class, if (bd_name && bd_name[0]) { p_dev_rec->sec_flags |= BTM_SEC_NAME_KNOWN; strlcpy((char*)p_dev_rec->sec_bd_name, (char*)bd_name, - BTM_MAX_REM_BD_NAME_LEN); + BTM_MAX_REM_BD_NAME_LEN + 1); } p_dev_rec->num_read_pages = 0; diff --git a/stack/btm/btm_devctl.cc b/stack/btm/btm_devctl.cc index 82eee7e10..355e4d562 100644 --- a/stack/btm/btm_devctl.cc +++ b/stack/btm/btm_devctl.cc @@ -317,7 +317,7 @@ tBTM_STATUS BTM_SetLocalDeviceName(char* p_name) { /* Save the device name if local storage is enabled */ p = (uint8_t*)btm_cb.cfg.bd_name; if (p != (uint8_t*)p_name) - strlcpy(btm_cb.cfg.bd_name, p_name, BTM_MAX_LOC_BD_NAME_LEN); + strlcpy(btm_cb.cfg.bd_name, p_name, BTM_MAX_LOC_BD_NAME_LEN + 1); btsnd_hcic_change_name(p); return (BTM_CMD_STARTED); diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc index 2a321c8fd..6d5cf4109 100644 --- a/stack/btm/btm_sec.cc +++ b/stack/btm/btm_sec.cc @@ -2338,7 +2338,7 @@ void btm_sec_rmt_name_request_complete(const RawAddress* p_bd_addr, old_sec_state = p_dev_rec->sec_state; if (status == HCI_SUCCESS) { strlcpy((char*)p_dev_rec->sec_bd_name, (char*)p_bd_name, - BTM_MAX_REM_BD_NAME_LEN); + BTM_MAX_REM_BD_NAME_LEN + 1); p_dev_rec->sec_flags |= BTM_SEC_NAME_KNOWN; BTM_TRACE_EVENT("setting BTM_SEC_NAME_KNOWN sec_flags:0x%x", p_dev_rec->sec_flags); @@ -2831,7 +2831,7 @@ void btm_proc_sp_req_evt(tBTM_SP_EVT event, uint8_t* p) { memcpy(evt_data.cfm_req.dev_class, p_dev_rec->dev_class, DEV_CLASS_LEN); strlcpy((char*)evt_data.cfm_req.bd_name, (char*)p_dev_rec->sec_bd_name, - BTM_MAX_REM_BD_NAME_LEN); + BTM_MAX_REM_BD_NAME_LEN + 1); switch (event) { case BTM_SP_CFM_REQ_EVT: 
@@ -3028,7 +3028,7 @@ void btm_rem_oob_req(uint8_t* p) { evt_data.bd_addr = p_dev_rec->bd_addr; memcpy(evt_data.dev_class, p_dev_rec->dev_class, DEV_CLASS_LEN); strlcpy((char*)evt_data.bd_name, (char*)p_dev_rec->sec_bd_name, - BTM_MAX_REM_BD_NAME_LEN); + BTM_MAX_REM_BD_NAME_LEN + 1); btm_sec_change_pairing_state(BTM_PAIR_STATE_WAIT_LOCAL_OOB_RSP); if ((*btm_cb.api.p_sp_callback)(BTM_SP_RMT_OOB_EVT,