Loading system/stack/avrc/avrc_opt.cc +13 −2 Original line number Diff line number Diff line Loading @@ -49,9 +49,20 @@ static BT_HDR* avrc_vendor_msg(tAVRC_MSG_VENDOR* p_msg) { BT_HDR* p_cmd; uint8_t* p_data; CHECK(p_msg != NULL); /* An AVRC cmd consists of at least of: - A BT_HDR, plus - AVCT_MSG_OFFSET, plus - 3 bytes for ctype, subunit_type and op_vendor, plus - 3 bytes for company_id */ #define AVRC_MIN_VENDOR_CMD_LEN (sizeof(BT_HDR) + AVCT_MSG_OFFSET + 3 + 3) if (p_msg == nullptr || AVRC_META_CMD_BUF_SIZE < AVRC_MIN_VENDOR_CMD_LEN + p_msg->vendor_len) { return nullptr; } CHECK(AVRC_META_CMD_BUF_SIZE > (AVRC_MIN_CMD_LEN + p_msg->vendor_len)); p_cmd = (BT_HDR*)osi_calloc(AVRC_META_CMD_BUF_SIZE); p_cmd->offset = AVCT_MSG_OFFSET; Loading Loading
system/stack/avrc/avrc_opt.cc +13 −2 Original line number Diff line number Diff line Loading @@ -49,9 +49,20 @@ static BT_HDR* avrc_vendor_msg(tAVRC_MSG_VENDOR* p_msg) { BT_HDR* p_cmd; uint8_t* p_data; CHECK(p_msg != NULL); /* An AVRC cmd consists of at least of: - A BT_HDR, plus - AVCT_MSG_OFFSET, plus - 3 bytes for ctype, subunit_type and op_vendor, plus - 3 bytes for company_id */ #define AVRC_MIN_VENDOR_CMD_LEN (sizeof(BT_HDR) + AVCT_MSG_OFFSET + 3 + 3) if (p_msg == nullptr || AVRC_META_CMD_BUF_SIZE < AVRC_MIN_VENDOR_CMD_LEN + p_msg->vendor_len) { return nullptr; } CHECK(AVRC_META_CMD_BUF_SIZE > (AVRC_MIN_CMD_LEN + p_msg->vendor_len)); p_cmd = (BT_HDR*)osi_calloc(AVRC_META_CMD_BUF_SIZE); p_cmd->offset = AVCT_MSG_OFFSET; Loading
