2014-09-26 10:04:15

by Jakub Tyszkowski

Subject: [PATCH] android/handsfree-client: Verify variable length data received from IPC

Dial uses variable length data, check if we received as much as was
declared. This fixes two negative ipc-tester cases for hfp-client dial
api call not passing.
---
android/handsfree-client.c | 9 +++++++++
1 file changed, 9 insertions(+)

diff --git a/android/handsfree-client.c b/android/handsfree-client.c
index be29952..773ef76 100644
--- a/android/handsfree-client.c
+++ b/android/handsfree-client.c
@@ -97,6 +97,15 @@ static void handle_volume_control(const void *buf, uint16_t len)

static void handle_dial(const void *buf, uint16_t len)
{
+ const struct hal_cmd_hf_client_dial *cmd = buf;
+
+ if (len != sizeof(*cmd) + cmd->number_len) {
+ error("Malformed number data, size (%u bytes), terminating",
+ len);
+ raise(SIGTERM);
+ return;
+ }
+
DBG("Not Implemented");
ipc_send_rsp(hal_ipc, HAL_SERVICE_ID_HANDSFREE_CLIENT,
HAL_OP_HF_CLIENT_DIAL, HAL_STATUS_UNSUPPORTED);
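Review bot: the new condition in handle_dial() reads cmd->number_len before anything in this hunk confirms that len is at least sizeof(*cmd), so for a message shorter than the fixed header the length field itself lies outside the received data. If the IPC dispatcher does not already enforce that minimum size for HAL_OP_HF_CLIENT_DIAL, test len < sizeof(*cmd) before dereferencing cmd. If it does, a short comment above the check saying so would make the assumption visible to the next reader.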
--
1.9.1



2014-09-26 10:28:45

by Szymon Janc

Subject: Re: [PATCH] android/handsfree-client: Verify variable length data received from IPC

Hi Jakub,

On Friday 26 of September 2014 12:04:15 Jakub Tyszkowski wrote:
> Dial uses variable length data, check if we received as much as was
> declared. This fixes two negative ipc-tester cases for hfp-client dial
> api call not passing.
> ---
> android/handsfree-client.c | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/android/handsfree-client.c b/android/handsfree-client.c
> index be29952..773ef76 100644
> --- a/android/handsfree-client.c
> +++ b/android/handsfree-client.c
> @@ -97,6 +97,15 @@ static void handle_volume_control(const void *buf, uint16_t len)
>
> static void handle_dial(const void *buf, uint16_t len)
> {
> + const struct hal_cmd_hf_client_dial *cmd = buf;
> +
> + if (len != sizeof(*cmd) + cmd->number_len) {
> + error("Malformed number data, size (%u bytes), terminating",
> + len);
> + raise(SIGTERM);
> + return;
> + }
> +
> DBG("Not Implemented");
> ipc_send_rsp(hal_ipc, HAL_SERVICE_ID_HANDSFREE_CLIENT,
> HAL_OP_HF_CLIENT_DIAL, HAL_STATUS_UNSUPPORTED);
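Review bot: the error() call in the malformed-length branch logs only len, so the log does not show the declared cmd->number_len or the total size that was expected, which is what is needed to tell a truncated message from a bad length field. Consider printing both values in the same message, e.g. "size (%u bytes), declared number_len (%u)". The return after raise(SIGTERM) also means no ipc_send_rsp() goes out for this command, which is worth a one-line comment if that is the intended handling.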
>

Applied. Thanks.

--
Best regards,
Szymon Janc