From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Raghavender Reddy Bujala Date: Thu, 2 Dec 2021 16:04:19 +0530 Subject: [PATCH] BT: Once AT command is retrieved, return from method. - Observed SIGSEV issue in Defensics, when received buf is more than BTA_HF_CLIENT_AT_PARSER_MAX_LEN. - Commented recover cut data, after AT command is retrieved because leftover data/buf is more than BTA_HF_CLIENT_AT_PARSER_MAX_LEN and leading to offset corruption. CRs-Fixed: 3052411 Change-Id: I6375d00eebfbf97ffc40456622a6d39e4388f4b2 --- bta/hf_client/bta_hf_client_at.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/bta/hf_client/bta_hf_client_at.c b/bta/hf_client/bta_hf_client_at.c index 695c4fb32..f364e1c81 100644 --- a/bta/hf_client/bta_hf_client_at.c +++ b/bta/hf_client/bta_hf_client_at.c @@ -1578,9 +1578,14 @@ void bta_hf_client_at_parse(char *buf, unsigned int len) bta_hf_client_at_parse_start(); bta_hf_client_at_clear_buf(); - /* recover cut data */ - memcpy(bta_hf_client_cb.scb.at_cb.buf, tmp_buff, tmp); - bta_hf_client_cb.scb.at_cb.offset += tmp; + /* TODO: recover cut data */ + // memcpy(bta_hf_client_cb.scb.at_cb.buf, tmp_buff, tmp); + // bta_hf_client_cb.scb.at_cb.offset += tmp; + + // Observed SIGSEV issue in Defensics, when received buf is more than + // BTA_HF_CLIENT_AT_PARSER_MAX_LEN. + // Assuming to return from here, Once AT command is retrieved. + return; } memcpy(bta_hf_client_cb.scb.at_cb.buf + bta_hf_client_cb.scb.at_cb.offset, buf, len);