Skip to content

Commit b537b5a

Browse files
sjancsjanc
committed
Bluetooth: Host: L2CAP: Fix checking signaling packets size
Recent test specification added additional test for validating invalid packet sizes on L2CAP signaling channel. IUT is allowed to either disconnect link, ignore packet, reject packet or issue a warning to upper tester if other action is taken. To keep things in line with previous check for too small size simply ignore fixed size packets of invalid length. This was affecting L2CAP/COS/CED/BI-11-C qualification test. Signed-off-by: Szymon Janc <[email protected]>
1 parent 6e34acc commit b537b5a

File tree

1 file changed

+16
-16
lines changed

1 file changed

+16
-16
lines changed

subsys/bluetooth/host/l2cap.c

+16-16
Original file line numberDiff line numberDiff line change
@@ -1049,8 +1049,8 @@ static void le_conn_param_rsp(struct bt_l2cap *l2cap, struct net_buf *buf)
10491049
{
10501050
struct bt_l2cap_conn_param_rsp *rsp = (void *)buf->data;
10511051

1052-
if (buf->len < sizeof(*rsp)) {
1053-
LOG_ERR("Too small LE conn param rsp");
1052+
if (buf->len != sizeof(*rsp)) {
1053+
LOG_ERR("Invalid LE conn param rsp size");
10541054
return;
10551055
}
10561056

@@ -1066,8 +1066,8 @@ static void le_conn_param_update_req(struct bt_l2cap *l2cap, uint8_t ident,
10661066
struct bt_l2cap_conn_param_req *req = (void *)buf->data;
10671067
bool accepted;
10681068

1069-
if (buf->len < sizeof(*req)) {
1070-
LOG_ERR("Too small LE conn update param req");
1069+
if (buf->len != sizeof(*req)) {
1070+
LOG_ERR("Invalid LE conn update param req size");
10711071
return;
10721072
}
10731073

@@ -1458,8 +1458,8 @@ static void le_conn_req(struct bt_l2cap *l2cap, uint8_t ident,
14581458
uint16_t psm, scid, mtu, mps, credits;
14591459
uint16_t result;
14601460

1461-
if (buf->len < sizeof(*req)) {
1462-
LOG_ERR("Too small LE conn req packet size");
1461+
if (buf->len != sizeof(*req)) {
1462+
LOG_ERR("Invalid LE conn req packet size");
14631463
return;
14641464
}
14651465

@@ -1759,8 +1759,8 @@ static void le_ecred_reconf_rsp(struct bt_l2cap *l2cap, uint8_t ident,
17591759
struct bt_l2cap_le_chan *ch;
17601760
uint16_t result;
17611761

1762-
if (buf->len < sizeof(*rsp)) {
1763-
LOG_ERR("Too small ecred reconf rsp packet size");
1762+
if (buf->len != sizeof(*rsp)) {
1763+
LOG_ERR("Invalid ecred reconf rsp packet size");
17641764
return;
17651765
}
17661766

@@ -1820,8 +1820,8 @@ static void le_disconn_req(struct bt_l2cap *l2cap, uint8_t ident,
18201820
struct bt_l2cap_disconn_rsp *rsp;
18211821
uint16_t dcid;
18221822

1823-
if (buf->len < sizeof(*req)) {
1824-
LOG_ERR("Too small LE conn req packet size");
1823+
if (buf->len != sizeof(*req)) {
1824+
LOG_ERR("Invalid LE conn req packet size");
18251825
return;
18261826
}
18271827

@@ -2039,8 +2039,8 @@ static void le_conn_rsp(struct bt_l2cap *l2cap, uint8_t ident,
20392039
struct bt_l2cap_le_conn_rsp *rsp = (void *)buf->data;
20402040
uint16_t dcid, mtu, mps, credits, result;
20412041

2042-
if (buf->len < sizeof(*rsp)) {
2043-
LOG_ERR("Too small LE conn rsp packet size");
2042+
if (buf->len != sizeof(*rsp)) {
2043+
LOG_ERR("Invalid LE conn rsp packet size");
20442044
return;
20452045
}
20462046

@@ -2111,8 +2111,8 @@ static void le_disconn_rsp(struct bt_l2cap *l2cap, uint8_t ident,
21112111
struct bt_l2cap_disconn_rsp *rsp = (void *)buf->data;
21122112
uint16_t scid;
21132113

2114-
if (buf->len < sizeof(*rsp)) {
2115-
LOG_ERR("Too small LE disconn rsp packet size");
2114+
if (buf->len != sizeof(*rsp)) {
2115+
LOG_ERR("Invalid LE disconn rsp packet size");
21162116
return;
21172117
}
21182118

@@ -2137,8 +2137,8 @@ static void le_credits(struct bt_l2cap *l2cap, uint8_t ident,
21372137
struct bt_l2cap_le_chan *le_chan;
21382138
uint16_t credits, cid;
21392139

2140-
if (buf->len < sizeof(*ev)) {
2141-
LOG_ERR("Too small LE Credits packet size");
2140+
if (buf->len != sizeof(*ev)) {
2141+
LOG_ERR("Invalid LE Credits packet size");
21422142
return;
21432143
}
21442144

0 commit comments

Comments
 (0)