Loading system/stack/l2cap/l2c_main.c +108 −0 Original line number Diff line number Diff line Loading @@ -339,9 +339,17 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) switch (cmd_code) { case L2CAP_CMD_REJECT: if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (rej_reason, p); if (rej_reason == L2CAP_CMD_REJ_MTU_EXCEEDED) { if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (rej_mtu, p); /* What to do with the MTU reject ? We have negotiated an MTU. For now */ /* we will ignore it and let a higher protocol timeout take care of it */ Loading @@ -350,6 +358,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) } if (rej_reason == L2CAP_CMD_REJ_INVALID_CID) { if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (rcid, p); STREAM_TO_UINT16 (lcid, p); Loading Loading @@ -382,6 +394,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) break; case L2CAP_CMD_CONN_REQ: if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (con_info.psm, p); STREAM_TO_UINT16 (rcid, p); if ((p_rcb = l2cu_find_rcb_by_psm (con_info.psm)) == NULL) Loading Loading @@ -413,6 +429,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) break; case L2CAP_CMD_CONN_RSP: if (p + 8 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (con_info.remote_cid, p); STREAM_TO_UINT16 (lcid, p); STREAM_TO_UINT16 (con_info.l2cap_result, p); Loading Loading @@ -445,6 +465,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) cfg_rej = FALSE; cfg_rej_len = 0; if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (lcid, p); STREAM_TO_UINT16 (cfg_info.flags, p); Loading @@ -455,6 +479,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) while (p < p_cfg_end) { if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_code, p); STREAM_TO_UINT8 (cfg_len, p); Loading @@ -462,16 +490,28 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) { case L2CAP_CFG_TYPE_MTU: cfg_info.mtu_present = TRUE; if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (cfg_info.mtu, p); break; case L2CAP_CFG_TYPE_FLUSH_TOUT: cfg_info.flush_to_present = TRUE; if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (cfg_info.flush_to, p); break; case L2CAP_CFG_TYPE_QOS: cfg_info.qos_present = TRUE; if (p + 2 + 5 * 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.qos.qos_flags, p); STREAM_TO_UINT8 (cfg_info.qos.service_type, p); STREAM_TO_UINT32 (cfg_info.qos.token_rate, p); Loading @@ -483,6 +523,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) case L2CAP_CFG_TYPE_FCR: cfg_info.fcr_present = TRUE; if (p + 3 + 3 * 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.fcr.mode, p); STREAM_TO_UINT8 (cfg_info.fcr.tx_win_sz, p); STREAM_TO_UINT8 (cfg_info.fcr.max_transmit, p); Loading @@ -493,11 +537,19 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) case L2CAP_CFG_TYPE_FCS: cfg_info.fcs_present = TRUE; if (p + 1 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.fcs, p); break; case L2CAP_CFG_TYPE_EXT_FLOW: cfg_info.ext_flow_spec_present = TRUE; if (p + 2 + 2 + 3 * 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.ext_flow_spec.id, p); STREAM_TO_UINT8 (cfg_info.ext_flow_spec.stype, p); STREAM_TO_UINT16 (cfg_info.ext_flow_spec.max_sdu_size, p); Loading Loading @@ -548,6 +600,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) case L2CAP_CMD_CONFIG_RSP: p_cfg_end = p + cmd_len; if (p + 6 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (lcid, p); STREAM_TO_UINT16 (cfg_info.flags, p); STREAM_TO_UINT16 (cfg_info.result, p); Loading @@ -557,6 +613,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) while (p < p_cfg_end) { if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_code, p); STREAM_TO_UINT8 (cfg_len, p); Loading @@ -564,16 +624,28 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) { case L2CAP_CFG_TYPE_MTU: cfg_info.mtu_present = TRUE; if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (cfg_info.mtu, p); break; case L2CAP_CFG_TYPE_FLUSH_TOUT: cfg_info.flush_to_present = TRUE; if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (cfg_info.flush_to, p); break; case L2CAP_CFG_TYPE_QOS: cfg_info.qos_present = TRUE; if (p + 2 + 5 * 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.qos.qos_flags, p); STREAM_TO_UINT8 (cfg_info.qos.service_type, p); STREAM_TO_UINT32 (cfg_info.qos.token_rate, p); Loading @@ -585,6 +657,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) case L2CAP_CFG_TYPE_FCR: cfg_info.fcr_present = TRUE; if (p + 3 + 3 * 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.fcr.mode, p); STREAM_TO_UINT8 (cfg_info.fcr.tx_win_sz, p); STREAM_TO_UINT8 (cfg_info.fcr.max_transmit, p); Loading @@ -595,11 +671,19 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) case L2CAP_CFG_TYPE_FCS: cfg_info.fcs_present = TRUE; if (p + 1 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.fcs, p); break; case L2CAP_CFG_TYPE_EXT_FLOW: cfg_info.ext_flow_spec_present = TRUE; if (p + 2 + 2 + 3 * 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.ext_flow_spec.id, p); STREAM_TO_UINT8 (cfg_info.ext_flow_spec.stype, p); STREAM_TO_UINT16 (cfg_info.ext_flow_spec.max_sdu_size, p); Loading Loading @@ -630,6 +714,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) break; case L2CAP_CMD_DISC_REQ: if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (lcid, p); STREAM_TO_UINT16 (rcid, p); Loading @@ -647,6 +735,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) break; case L2CAP_CMD_DISC_RSP: if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (rcid, p); STREAM_TO_UINT16 (lcid, p); Loading Loading @@ -676,6 +768,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) break; case L2CAP_CMD_INFO_REQ: if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (info_type, p); l2cu_send_peer_info_rsp (p_lcb, id, info_type); break; Loading @@ -688,6 +784,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) p_lcb->w4_info_rsp = FALSE; } if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (info_type, p); STREAM_TO_UINT16 (result, p); Loading @@ -696,6 +796,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) if ( (info_type == L2CAP_EXTENDED_FEATURES_INFO_TYPE) && (result == L2CAP_INFO_RESP_RESULT_SUCCESS) ) { if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT32( p_lcb->peer_ext_fea, p ); #if (L2CAP_NUM_FIXED_CHNLS > 0) Loading Loading @@ -727,6 +831,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) { if (result == L2CAP_INFO_RESP_RESULT_SUCCESS) { if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (p_lcb->ucd_mtu, p); } } Loading Loading
system/stack/l2cap/l2c_main.c +108 −0 Original line number Diff line number Diff line Loading @@ -339,9 +339,17 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) switch (cmd_code) { case L2CAP_CMD_REJECT: if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (rej_reason, p); if (rej_reason == L2CAP_CMD_REJ_MTU_EXCEEDED) { if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (rej_mtu, p); /* What to do with the MTU reject ? We have negotiated an MTU. For now */ /* we will ignore it and let a higher protocol timeout take care of it */ Loading @@ -350,6 +358,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) } if (rej_reason == L2CAP_CMD_REJ_INVALID_CID) { if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (rcid, p); STREAM_TO_UINT16 (lcid, p); Loading Loading @@ -382,6 +394,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) break; case L2CAP_CMD_CONN_REQ: if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (con_info.psm, p); STREAM_TO_UINT16 (rcid, p); if ((p_rcb = l2cu_find_rcb_by_psm (con_info.psm)) == NULL) Loading Loading @@ -413,6 +429,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) break; case L2CAP_CMD_CONN_RSP: if (p + 8 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (con_info.remote_cid, p); STREAM_TO_UINT16 (lcid, p); STREAM_TO_UINT16 (con_info.l2cap_result, p); Loading Loading @@ -445,6 +465,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) cfg_rej = FALSE; cfg_rej_len = 0; if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (lcid, p); STREAM_TO_UINT16 (cfg_info.flags, p); Loading @@ -455,6 +479,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) while (p < p_cfg_end) { if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_code, p); STREAM_TO_UINT8 (cfg_len, p); Loading @@ -462,16 +490,28 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) { case L2CAP_CFG_TYPE_MTU: cfg_info.mtu_present = TRUE; if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (cfg_info.mtu, p); break; case L2CAP_CFG_TYPE_FLUSH_TOUT: cfg_info.flush_to_present = TRUE; if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (cfg_info.flush_to, p); break; case L2CAP_CFG_TYPE_QOS: cfg_info.qos_present = TRUE; if (p + 2 + 5 * 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.qos.qos_flags, p); STREAM_TO_UINT8 (cfg_info.qos.service_type, p); STREAM_TO_UINT32 (cfg_info.qos.token_rate, p); Loading @@ -483,6 +523,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) case L2CAP_CFG_TYPE_FCR: cfg_info.fcr_present = TRUE; if (p + 3 + 3 * 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.fcr.mode, p); STREAM_TO_UINT8 (cfg_info.fcr.tx_win_sz, p); STREAM_TO_UINT8 (cfg_info.fcr.max_transmit, p); Loading @@ -493,11 +537,19 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) case L2CAP_CFG_TYPE_FCS: cfg_info.fcs_present = TRUE; if (p + 1 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.fcs, p); break; case L2CAP_CFG_TYPE_EXT_FLOW: cfg_info.ext_flow_spec_present = TRUE; if (p + 2 + 2 + 3 * 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.ext_flow_spec.id, p); STREAM_TO_UINT8 (cfg_info.ext_flow_spec.stype, p); STREAM_TO_UINT16 (cfg_info.ext_flow_spec.max_sdu_size, p); Loading Loading @@ -548,6 +600,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) case L2CAP_CMD_CONFIG_RSP: p_cfg_end = p + cmd_len; if (p + 6 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (lcid, p); STREAM_TO_UINT16 (cfg_info.flags, p); STREAM_TO_UINT16 (cfg_info.result, p); Loading @@ -557,6 +613,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) while (p < p_cfg_end) { if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_code, p); STREAM_TO_UINT8 (cfg_len, p); Loading @@ -564,16 +624,28 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) { case L2CAP_CFG_TYPE_MTU: cfg_info.mtu_present = TRUE; if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (cfg_info.mtu, p); break; case L2CAP_CFG_TYPE_FLUSH_TOUT: cfg_info.flush_to_present = TRUE; if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (cfg_info.flush_to, p); break; case L2CAP_CFG_TYPE_QOS: cfg_info.qos_present = TRUE; if (p + 2 + 5 * 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.qos.qos_flags, p); STREAM_TO_UINT8 (cfg_info.qos.service_type, p); STREAM_TO_UINT32 (cfg_info.qos.token_rate, p); Loading @@ -585,6 +657,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) case L2CAP_CFG_TYPE_FCR: cfg_info.fcr_present = TRUE; if (p + 3 + 3 * 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.fcr.mode, p); STREAM_TO_UINT8 (cfg_info.fcr.tx_win_sz, p); STREAM_TO_UINT8 (cfg_info.fcr.max_transmit, p); Loading @@ -595,11 +671,19 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) case L2CAP_CFG_TYPE_FCS: cfg_info.fcs_present = TRUE; if (p + 1 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.fcs, p); break; case L2CAP_CFG_TYPE_EXT_FLOW: cfg_info.ext_flow_spec_present = TRUE; if (p + 2 + 2 + 3 * 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT8 (cfg_info.ext_flow_spec.id, p); STREAM_TO_UINT8 (cfg_info.ext_flow_spec.stype, p); STREAM_TO_UINT16 (cfg_info.ext_flow_spec.max_sdu_size, p); Loading Loading @@ -630,6 +714,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) break; case L2CAP_CMD_DISC_REQ: if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (lcid, p); STREAM_TO_UINT16 (rcid, p); Loading @@ -647,6 +735,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) break; case L2CAP_CMD_DISC_RSP: if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (rcid, p); STREAM_TO_UINT16 (lcid, p); Loading Loading @@ -676,6 +768,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) break; case L2CAP_CMD_INFO_REQ: if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (info_type, p); l2cu_send_peer_info_rsp (p_lcb, id, info_type); break; Loading @@ -688,6 +784,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) p_lcb->w4_info_rsp = FALSE; } if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (info_type, p); STREAM_TO_UINT16 (result, p); Loading @@ -696,6 +796,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) if ( (info_type == L2CAP_EXTENDED_FEATURES_INFO_TYPE) && (result == L2CAP_INFO_RESP_RESULT_SUCCESS) ) { if (p + 4 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT32( p_lcb->peer_ext_fea, p ); #if (L2CAP_NUM_FIXED_CHNLS > 0) Loading Loading @@ -727,6 +831,10 @@ static void process_l2cap_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len) { if (result == L2CAP_INFO_RESP_RESULT_SUCCESS) { if (p + 2 > p_next_cmd) { android_errorWriteLog(0x534e4554, "74202041"); return; } STREAM_TO_UINT16 (p_lcb->ucd_mtu, p); } } Loading
