Validate address for sending GATT notification

This patch handles validating remote address provided
by application for sending GATT server notification.

Change-Id: Iaae70970bd9f03b2da2beb8e9f0e63f8fad2ea43
Signed-off-by: Anupam Roy <anupam.r@samsung.com>

diff --git a/include/bluetooth_private.h b/include/bluetooth_private.h
index 1b19e05..c0bf50b 100644 (file)
--- a/include/bluetooth_private.h
+++ b/include/bluetooth_private.h
@@ -66,6 +66,7 @@ extern "C" {
 #define PXP_LINK_LOSS_SVC_UUID         "1803"
 #define PXP_TX_POWER_SVC_UUID          "1804"
 
+#define BT_ADDRESS_REGEX_STRING "^([0-9a-fA-F][0-9a-fA-F]:){5}([0-9a-fA-F][0-9a-fA-F])$"
 /**
  * @internal
  * @brief Bluetooth callback.
@@ -753,6 +754,8 @@ int _bt_convert_address_to_string(char **addr_str, bluetooth_device_address_t *a
  */
 void _bt_convert_address_to_hex(bluetooth_device_address_t *addr_hex, const char *addr_str);
 
+gboolean _bt_validate_device_address(const char *addr_str);
+
 void _handle_gatt_client_read_completed_event(int result, bt_gatt_resp_data_t *resp);
 
 void _handle_gatt_client_write_completed_event(int result, bt_gatt_resp_data_t *resp);

diff --git a/src/bluetooth-common.c b/src/bluetooth-common.c
index c6514ef..78cde86 100644 (file)
--- a/src/bluetooth-common.c
+++ b/src/bluetooth-common.c
@@ -653,6 +653,42 @@ int _bt_convert_address_to_string(char **addr_str, bluetooth_device_address_t *a
                return BT_ERROR_OUT_OF_MEMORY; /* LCOV_EXCL_LINE */
 }
 
+gboolean _bt_utf8_validate(const char *name)
+{
+       gunichar2 *u16;
+       glong items_written = 0;
+
+       if (FALSE == g_utf8_validate(name, -1, NULL))
+               return FALSE;
+
+       u16 = g_utf8_to_utf16(name, -1, NULL, &items_written, NULL);
+       if (u16 == NULL)
+               return FALSE;
+
+       g_free(u16);
+       if (items_written != g_utf8_strlen(name, -1))
+               return FALSE;
+
+       return TRUE;
+}
+
+gboolean _bt_validate_device_address(const char *addr_str)
+{
+
+       if (!addr_str) {
+               BT_INFO("NULL address");
+               return TRUE;
+       }
+
+       if (_bt_utf8_validate(addr_str) == FALSE) {
+               BT_ERR("Srting UTF-8 validation failed!");
+               return FALSE;
+       }
+
+       return g_regex_match_simple(BT_ADDRESS_REGEX_STRING,
+                       addr_str, G_REGEX_OPTIMIZE, 0);
+}
+
 void _bt_convert_address_to_hex(bluetooth_device_address_t *addr_hex, const char *addr_str)
 {
        char *ptr1, *ptr2, *ptr3, *ptr4, *ptr5;
@@ -2828,6 +2864,7 @@ static void __bt_event_proxy(int event, bluetooth_event_param_t *param, void *us
                        return;
                }
 
+               BT_INFO("CCCD Noticfication ENABLED [%d]", notif_info->notification);
                cb(notif_info->notification, server_handle, char_handle, user_data_cfm);
 #else
                bt_gatt_char_notify_change_t *value_change = param->param_data;

diff --git a/src/bluetooth-gatt.c b/src/bluetooth-gatt.c
index 8c43fcd..1915e47 100644 (file)
--- a/src/bluetooth-gatt.c
+++ b/src/bluetooth-gatt.c
@@ -3248,6 +3248,10 @@ int bt_gatt_server_notify_characteristic_changed_value(bt_gatt_h characteristic,
 
        BT_VALIDATE_GATT_HANDLE(characteristic);
 
+       BT_INFO("Device Address [%s]", device_address);
+       if (!_bt_validate_device_address(device_address))
+               return BT_ERROR_INVALID_PARAMETER;
+
        _bt_convert_address_to_hex(&addr_hex, device_address); /* LCOV_EXCL_START */
 
 #ifdef TIZEN_FEATURE_GATT_RELAY