DivestOS/Patches/LineageOS-14.1/android_system_bt/346952.patch
Tad efa31534a9
Picks
Signed-off-by: Tad <tad@spotco.us>
2023-01-07 10:52:03 -05:00

42 lines
1.6 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Raghavender Reddy Bujala <c-bujalr@codeaurora.org>
Date: Thu, 2 Dec 2021 16:04:19 +0530
Subject: [PATCH] BT: Once AT command is retrieved, return from method.
- Observed SIGSEV issue in Defensics, when received
buf is more than BTA_HF_CLIENT_AT_PARSER_MAX_LEN.
- Commented recover cut data, after AT command is
retrieved because leftover data/buf is more than
BTA_HF_CLIENT_AT_PARSER_MAX_LEN and leading to
offset corruption.
CRs-Fixed: 3052411
Change-Id: I6375d00eebfbf97ffc40456622a6d39e4388f4b2
---
bta/hf_client/bta_hf_client_at.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/bta/hf_client/bta_hf_client_at.c b/bta/hf_client/bta_hf_client_at.c
index 695c4fb32..f364e1c81 100644
--- a/bta/hf_client/bta_hf_client_at.c
+++ b/bta/hf_client/bta_hf_client_at.c
@@ -1578,9 +1578,14 @@ void bta_hf_client_at_parse(char *buf, unsigned int len)
bta_hf_client_at_parse_start();
bta_hf_client_at_clear_buf();
- /* recover cut data */
- memcpy(bta_hf_client_cb.scb.at_cb.buf, tmp_buff, tmp);
- bta_hf_client_cb.scb.at_cb.offset += tmp;
+ /* TODO: recover cut data */
+ // memcpy(bta_hf_client_cb.scb.at_cb.buf, tmp_buff, tmp);
+ // bta_hf_client_cb.scb.at_cb.offset += tmp;
+
+ // Observed SIGSEV issue in Defensics, when received buf is more than
+ // BTA_HF_CLIENT_AT_PARSER_MAX_LEN.
+ // Assuming to return from here, Once AT command is retrieved.
+ return;
}
memcpy(bta_hf_client_cb.scb.at_cb.buf + bta_hf_client_cb.scb.at_cb.offset, buf, len);