Merge "Add validation on sdp attr type and size in hidh_api.cc" into tm-dev...

  p_attr = SDP_FindAttributeInRec(p_rec, attr_id);

  p_attr = SDP_FindAttributeInRec(p_rec, attr_id);

  if (p_attr != NULL) {

  if (p_attr != NULL) {

    if (SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == TEXT_STR_DESC_TYPE) {

      name_len = SDP_DISC_ATTR_LEN(p_attr->attr_len_type);

      name_len = SDP_DISC_ATTR_LEN(p_attr->attr_len_type);

      if (name_len < max_len) {

      if (name_len < max_len) {

        memcpy(str, (char*)p_attr->attr_value.v.array, name_len);

        memcpy(str, (char*)p_attr->attr_value.v.array, name_len);

        memcpy(str, (char*)p_attr->attr_value.v.array, max_len - 1);

        memcpy(str, (char*)p_attr->attr_value.v.array, max_len - 1);

        str[max_len - 1] = '\0';

        str[max_len - 1] = '\0';

      }

      }

    } else {

      str[0] = '\0';

      LOG_ERROR("attr type not str!!");

    }

  } else

  } else

    str[0] = '\0';

    str[0] = '\0';

}

}

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_VIRTUAL_CABLE)) !=

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_VIRTUAL_CABLE)) !=

       NULL) &&

       NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == BOOLEAN_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 1 &&

      (p_attr->attr_value.v.u8)) {

      (p_attr->attr_value.v.u8)) {

    attr_mask |= HID_VIRTUAL_CABLE;

    attr_mask |= HID_VIRTUAL_CABLE;

  }

  }

  if (((p_attr = SDP_FindAttributeInRec(

  if (((p_attr = SDP_FindAttributeInRec(

            p_rec, ATTR_ID_HID_RECONNECT_INITIATE)) != NULL) &&

            p_rec, ATTR_ID_HID_RECONNECT_INITIATE)) != NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == BOOLEAN_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 1 &&

      (p_attr->attr_value.v.u8)) {

      (p_attr->attr_value.v.u8)) {

    attr_mask |= HID_RECONN_INIT;

    attr_mask |= HID_RECONN_INIT;

  }

  }

  if (((p_attr = SDP_FindAttributeInRec(

  if (((p_attr = SDP_FindAttributeInRec(

            p_rec, ATTR_ID_HID_NORMALLY_CONNECTABLE)) != NULL) &&

            p_rec, ATTR_ID_HID_NORMALLY_CONNECTABLE)) != NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == BOOLEAN_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 1 &&

      (p_attr->attr_value.v.u8)) {

      (p_attr->attr_value.v.u8)) {

    attr_mask |= HID_NORMALLY_CONNECTABLE;

    attr_mask |= HID_NORMALLY_CONNECTABLE;

  }

  }

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_SDP_DISABLE)) !=

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_SDP_DISABLE)) !=

       NULL) &&

       NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == BOOLEAN_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 1 &&

      (p_attr->attr_value.v.u8)) {

      (p_attr->attr_value.v.u8)) {

    attr_mask |= HID_SDP_DISABLE;

    attr_mask |= HID_SDP_DISABLE;

  }

  }

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_BATTERY_POWER)) !=

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_BATTERY_POWER)) !=

       NULL) &&

       NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == BOOLEAN_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 1 &&

      (p_attr->attr_value.v.u8)) {

      (p_attr->attr_value.v.u8)) {

    attr_mask |= HID_BATTERY_POWER;

    attr_mask |= HID_BATTERY_POWER;

  }

  }

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_REMOTE_WAKE)) !=

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_REMOTE_WAKE)) !=

       NULL) &&

       NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == BOOLEAN_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 1 &&

      (p_attr->attr_value.v.u8)) {

      (p_attr->attr_value.v.u8)) {

    attr_mask |= HID_REMOTE_WAKE;

    attr_mask |= HID_REMOTE_WAKE;

  }

  }

                    p_nvi->prov_name);

                    p_nvi->prov_name);

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_DEVICE_RELNUM)) !=

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_DEVICE_RELNUM)) !=

       NULL)) {

       NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == UINT_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 2) {

    p_nvi->rel_num = p_attr->attr_value.v.u16;

    p_nvi->rel_num = p_attr->attr_value.v.u16;

  }

  }

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_COUNTRY_CODE)) !=

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_COUNTRY_CODE)) !=

       NULL)) {

       NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == UINT_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 1) {

    p_nvi->ctry_code = p_attr->attr_value.v.u8;

    p_nvi->ctry_code = p_attr->attr_value.v.u8;

  }

  }

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_DEVICE_SUBCLASS)) !=

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_DEVICE_SUBCLASS)) !=

       NULL)) {

       NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == UINT_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 1) {

    p_nvi->sub_class = p_attr->attr_value.v.u8;

    p_nvi->sub_class = p_attr->attr_value.v.u8;

  }

  }

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_PARSER_VERSION)) !=

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_PARSER_VERSION)) !=

       NULL)) {

       NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == UINT_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 2) {

    p_nvi->hpars_ver = p_attr->attr_value.v.u16;

    p_nvi->hpars_ver = p_attr->attr_value.v.u16;

  }

  }

  if (((p_attr = SDP_FindAttributeInRec(

  if (((p_attr = SDP_FindAttributeInRec(

            p_rec, ATTR_ID_HID_LINK_SUPERVISION_TO)) != NULL)) {

            p_rec, ATTR_ID_HID_LINK_SUPERVISION_TO)) != NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == UINT_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 2) {

    attr_mask |= HID_SUP_TOUT_AVLBL;

    attr_mask |= HID_SUP_TOUT_AVLBL;

    p_nvi->sup_timeout = p_attr->attr_value.v.u16;

    p_nvi->sup_timeout = p_attr->attr_value.v.u16;

  }

  }

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_SSR_HOST_MAX_LAT)) !=

  if (((p_attr = SDP_FindAttributeInRec(p_rec, ATTR_ID_HID_SSR_HOST_MAX_LAT)) !=

       NULL)) {

       NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == UINT_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 2) {

    attr_mask |= HID_SSR_MAX_LATENCY;

    attr_mask |= HID_SSR_MAX_LATENCY;

    p_nvi->ssr_max_latency = p_attr->attr_value.v.u16;

    p_nvi->ssr_max_latency = p_attr->attr_value.v.u16;

  } else

  } else

    p_nvi->ssr_max_latency = HID_SSR_PARAM_INVALID;

    p_nvi->ssr_max_latency = HID_SSR_PARAM_INVALID;

  if (((p_attr = SDP_FindAttributeInRec(

  if (((p_attr = SDP_FindAttributeInRec(

            p_rec, ATTR_ID_HID_SSR_HOST_MIN_TOUT)) != NULL)) {

            p_rec, ATTR_ID_HID_SSR_HOST_MIN_TOUT)) != NULL) &&

      SDP_DISC_ATTR_TYPE(p_attr->attr_len_type) == UINT_DESC_TYPE &&

      SDP_DISC_ATTR_LEN(p_attr->attr_len_type) >= 2) {

    attr_mask |= HID_SSR_MIN_TOUT;

    attr_mask |= HID_SSR_MIN_TOUT;

    p_nvi->ssr_min_tout = p_attr->attr_value.v.u16;

    p_nvi->ssr_min_tout = p_attr->attr_value.v.u16;

  } else

  } else