Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8e27fc66 authored by Sai Aitharaju's avatar Sai Aitharaju Committed by Linux Build Service Account
Browse files

BT App: Fix to resolve Static Code Analysis issues 

Use case:
During static code analysis of Bluetooth Application
codespace, many NULL pointer exceptions
and Array Index Out of Bounds Exceptions were observed.

Root Cause:
No proper NULL checks before dereferencing a pointer
and no proper boundary checks kept for the array indices.

CRs-fixed: 760114
Change-Id: I0c12a5ce37243695a839d0f976917da27d7fa989
parent 22b4460f

src/com/android/bluetooth/btservice/AdapterService.java

+1 −1
Original line number Diff line number Diff line
@@ -1725,9 +1725,9 @@ public class AdapterService extends Service { 
     void setProfileAutoConnectionPriority (BluetoothDevice device, int profileId){

         if (profileId == BluetoothProfile.HEADSET) {

             HeadsetService  hsService = HeadsetService.getHeadsetService();

             List<BluetoothDevice> deviceList = hsService.getConnectedDevices();

             if ((hsService != null) &&

                (BluetoothProfile.PRIORITY_AUTO_CONNECT != hsService.getPriority(device))){

                 List<BluetoothDevice> deviceList = hsService.getConnectedDevices();

                 adjustOtherHeadsetPriorities(hsService, deviceList);

                 hsService.setPriority(device,BluetoothProfile.PRIORITY_AUTO_CONNECT);

             }

src/com/android/bluetooth/btservice/BondStateMachine.java

+10 −0
Original line number Diff line number Diff line
@@ -244,11 +244,21 @@ final class BondStateMachine extends StateMachine { 
                case SSP_REQUEST:

                    int passkey = msg.arg1;

                    int variant = msg.arg2;

                    if(devProp == null)

                    {

                        Log.e(TAG,"Received msg from an unknown device");

                        return false;

                    }

                    sendDisplayPinIntent(devProp.getAddress(), passkey, variant);

                    break;

                case PIN_REQUEST:

                    BluetoothClass btClass = dev.getBluetoothClass();

                    int btDeviceClass = btClass.getDeviceClass();

                    if(devProp == null)

                    {

                        Log.e(TAG,"Received msg from an unknown device");

                        return false;

                    }

                    if (btDeviceClass == BluetoothClass.Device.PERIPHERAL_KEYBOARD ||

                         btDeviceClass == BluetoothClass.Device.PERIPHERAL_KEYBOARD_POINTING) {

                        // Its a keyboard. Follow the HID spec recommendation of creating the

src/com/android/bluetooth/btservice/RemoteDevices.java

+1 −1
Original line number Diff line number Diff line
@@ -241,7 +241,7 @@ final class RemoteDevices { 
            device = getDeviceProperties(bdDevice);

        }



        for (int j = 0; j < types.length; j++) {

        for (int j = 0; j < types.length && device != null; j++) {

            type = types[j];

            val = values[j];

            if(val.length <= 0)

src/com/android/bluetooth/hdp/HealthService.java

+30 −6
Original line number Diff line number Diff line
@@ -189,7 +189,12 @@ public class HealthService extends ProfileService { 
                {

                    BluetoothHealthAppConfiguration appConfig =

                        (BluetoothHealthAppConfiguration) msg.obj;

                    int appId = (mApps.get(appConfig)).mAppId;

                    AppInfo appInfo = mApps.get(appConfig);

                    if (appInfo == null) {

                        Log.e(TAG, "No AppInfo found for AppConfig: " + appConfig);

                        break;

                    }

                    int appId = appInfo.mAppId;

                    if (!unregisterHealthAppNative(appId)) {

                        Log.e(TAG, "Failed to unregister application: id: " + appId);

                        callStatusCallback(appConfig,
@@ -201,7 +206,12 @@ public class HealthService extends ProfileService { 
                {

                    HealthChannel chan = (HealthChannel) msg.obj;

                    byte[] devAddr = Utils.getByteAddress(chan.mDevice);

                    int appId = (mApps.get(chan.mConfig)).mAppId;

                    AppInfo appInfo = mApps.get(chan.mConfig);

                    if (appInfo == null) {

                        Log.e(TAG, "No AppInfo found for AppConfig: " + chan.mConfig);

                        break;

                    }

                    int appId = appInfo.mAppId;

                    chan.mChannelId = connectChannelNative(devAddr, appId);

                    if (chan.mChannelId == -1) {

                        callHealthChannelCallback(chan.mConfig, chan.mDevice,
@@ -241,6 +251,10 @@ public class HealthService extends ProfileService { 
                        regStatus == BluetoothHealth.APP_CONFIG_UNREGISTRATION_SUCCESS) {

                        //unlink to death once app is unregistered

                        AppInfo appInfo = mApps.get(appConfig);

                        if (appInfo == null){

                            Log.e(TAG, "No AppInfo found for AppConfig " + appConfig);

                            break;

                        }

                        appInfo.cleanup();

                        mApps.remove(appConfig);

                    }
@@ -254,7 +268,7 @@ public class HealthService extends ProfileService { 
                            findAppConfigByAppId(channelStateEvent.mAppId);

                    int newState;

                    newState = convertHalChannelState(channelStateEvent.mState);

                    if (newState  ==  BluetoothHealth.STATE_CHANNEL_DISCONNECTED &&

                    if (newState  ==  BluetoothHealth.STATE_CHANNEL_DISCONNECTED ||

                        appConfig == null) {

                        Log.e(TAG,"Disconnected for non existing app");

                        break;
@@ -512,9 +526,15 @@ public class HealthService extends ProfileService { 


    private void callStatusCallback(BluetoothHealthAppConfiguration config, int status) {

        if (VDBG) log ("Health Device Application: " + config + " State Change: status:" + status);

        IBluetoothHealthCallback callback = (mApps.get(config)).mCallback;

        AppInfo appInfo = mApps.get(config);

        if (appInfo == null) {

            Log.e(TAG, " No AppInfo found for AppConfig " + config);

            return;

        }

        IBluetoothHealthCallback callback = appInfo.mCallback;

        if (callback == null) {

            Log.e(TAG, "Callback object null");

            return;

        }



        try {
@@ -604,8 +624,12 @@ public class HealthService extends ProfileService { 
                Log.e(TAG, "Exception while duping: " + e);

            }

        }



        IBluetoothHealthCallback callback = (mApps.get(config)).mCallback;

        AppInfo appInfo = mApps.get(config);

        if (appInfo == null) {

            Log.e(TAG, "No AppInfo found for AppConfig " + config);

            return;

        }

        IBluetoothHealthCallback callback = appInfo.mCallback;

        if (callback == null) {

            Log.e(TAG, "No callback found for config: " + config);

            return;