Loading system/stack/avdt/avdt_msg.cc +21 −9 Original line number Diff line number Diff line Loading @@ -985,18 +985,30 @@ static uint8_t avdt_msg_prs_security_rsp(tAVDT_MSG* p_msg, uint8_t* p, * Returns Error code or zero if no error. * ******************************************************************************/ static uint8_t avdt_msg_prs_rej(tAVDT_MSG* p_msg, uint8_t* p, uint8_t sig) { static uint8_t avdt_msg_prs_rej(tAVDT_MSG* p_msg, uint8_t* p, uint16_t len, uint8_t sig) { uint8_t error = 0; if (len > 0) { if ((sig == AVDT_SIG_SETCONFIG) || (sig == AVDT_SIG_RECONFIG)) { p_msg->hdr.err_param = *p++; p_msg->hdr.err_code = *p; len--; } else if ((sig == AVDT_SIG_START) || (sig == AVDT_SIG_SUSPEND)) { AVDT_MSG_PRS_SEID(p, p_msg->hdr.err_param); p_msg->hdr.err_code = *p; len--; } } if (len < 1) { char error_info[] = "AVDT rejected response length mismatch"; android_errorWriteWithInfoLog(0x534e4554, "79702484", -1, error_info, strlen(error_info)); error = AVDT_ERR_LENGTH; } else { p_msg->hdr.err_code = *p; } return 0; return error; } /******************************************************************************* Loading Loading @@ -1604,7 +1616,7 @@ void avdt_msg_ind(AvdtpCcb* p_ccb, BT_HDR* p_buf) { evt = avdt_msg_rsp_2_evt[sig - 1]; } else /* msg_type == AVDT_MSG_TYPE_REJ */ { err = avdt_msg_prs_rej(&msg, p, sig); err = avdt_msg_prs_rej(&msg, p, p_buf->len, sig); evt = avdt_msg_rej_2_evt[sig - 1]; } Loading Loading
system/stack/avdt/avdt_msg.cc +21 −9 Original line number Diff line number Diff line Loading @@ -985,18 +985,30 @@ static uint8_t avdt_msg_prs_security_rsp(tAVDT_MSG* p_msg, uint8_t* p, * Returns Error code or zero if no error. * ******************************************************************************/ static uint8_t avdt_msg_prs_rej(tAVDT_MSG* p_msg, uint8_t* p, uint8_t sig) { static uint8_t avdt_msg_prs_rej(tAVDT_MSG* p_msg, uint8_t* p, uint16_t len, uint8_t sig) { uint8_t error = 0; if (len > 0) { if ((sig == AVDT_SIG_SETCONFIG) || (sig == AVDT_SIG_RECONFIG)) { p_msg->hdr.err_param = *p++; p_msg->hdr.err_code = *p; len--; } else if ((sig == AVDT_SIG_START) || (sig == AVDT_SIG_SUSPEND)) { AVDT_MSG_PRS_SEID(p, p_msg->hdr.err_param); p_msg->hdr.err_code = *p; len--; } } if (len < 1) { char error_info[] = "AVDT rejected response length mismatch"; android_errorWriteWithInfoLog(0x534e4554, "79702484", -1, error_info, strlen(error_info)); error = AVDT_ERR_LENGTH; } else { p_msg->hdr.err_code = *p; } return 0; return error; } /******************************************************************************* Loading Loading @@ -1604,7 +1616,7 @@ void avdt_msg_ind(AvdtpCcb* p_ccb, BT_HDR* p_buf) { evt = avdt_msg_rsp_2_evt[sig - 1]; } else /* msg_type == AVDT_MSG_TYPE_REJ */ { err = avdt_msg_prs_rej(&msg, p, sig); err = avdt_msg_prs_rej(&msg, p, p_buf->len, sig); evt = avdt_msg_rej_2_evt[sig - 1]; } Loading
