projects / platform / upstream / bluez.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: af63283)
GATT: Fix crash in ccc_write_cb. 81/270681/1
authorAnuj Jain <anuj01.jain@samsung.com>
Fri, 28 Jan 2022 11:08:38 +0000 (16:38 +0530)
committerdh79pyun <dh79.pyun@samsung.com>
Mon, 7 Feb 2022 22:53:41 +0000 (07:53 +0900)
When gatt client is disconnected after notification enable,
The pending_op becomes null which when used in stop_notify_setup
causes bluetoothd to crash.
This patch will fix the same.

Change-Id: I34ab72af291763fe6d7ae50ae517dc71ebf441e8
Signed-off-by: Anuj Jain <anuj01.jain@samsung.com>
Signed-off-by: dh79pyun <dh79.pyun@samsung.com>
src/gatt-database.c patch | blob | history

diff --git a/src/gatt-database.c b/src/gatt-database.c
index 6e65929..382f8dd 100644 (file)
--- a/src/gatt-database.c
+++ b/src/gatt-database.c
@@ -3182,8 +3182,12 @@ static uint8_t ccc_write_cb(struct pending_op *op, void *user_data)
                 * operation, so simply ignore the return the value.
                 */
 #ifdef TIZEN_FEATURE_BLUEZ_MODIFY
-               g_dbus_proxy_method_call(chrc->proxy, "StopNotify",
+               if (op)
+                       g_dbus_proxy_method_call(chrc->proxy, "StopNotify",
                                        stop_notify_setup, NULL, op, NULL);
+               else
+                       g_dbus_proxy_method_call(chrc->proxy, "StopNotify",
+                                       NULL, NULL, NULL, NULL);
 #else
                g_dbus_proxy_method_call(chrc->proxy, "StopNotify", NULL,
                                                        NULL, NULL, NULL);
@@ -3223,13 +3227,21 @@ static uint8_t ccc_write_cb(struct pending_op *op, void *user_data)
         * value for now.
         */
 #ifdef TIZEN_FEATURE_BLUEZ_MODIFY
-       if (g_dbus_proxy_method_call(chrc->proxy, "StartNotify", start_notify_setup, NULL,
-                                               op, NULL) == FALSE)
+       if (op) {
+               if (g_dbus_proxy_method_call(chrc->proxy, "StartNotify",
+                               start_notify_setup, NULL, op, NULL) == FALSE)
+                       return BT_ATT_ERROR_UNLIKELY;
+       }
+       else {
+               if (g_dbus_proxy_method_call(chrc->proxy, "StartNotify", NULL,
+                                       NULL, NULL, NULL) == FALSE)
+                       return BT_ATT_ERROR_UNLIKELY;
+       }
 #else
        if (g_dbus_proxy_method_call(chrc->proxy, "StartNotify", NULL, NULL,
                                                NULL, NULL) == FALSE)
-#endif
                return BT_ATT_ERROR_UNLIKELY;
+#endif
 
        __sync_fetch_and_add(&chrc->ntfy_cnt, 1);
 
Domain: Network & Connectivity / Bluetooth;