client: Update write callbacks with invalid offset error handlers
authorMariusz Skamra <mariusz.skamra@codecoup.pl>
Tue, 5 May 2020 08:29:01 +0000 (10:29 +0200)
committerAyush Garg <ayush.garg@samsung.com>
Mon, 12 Apr 2021 09:00:49 +0000 (14:30 +0530)
This patch adds invalid offset handlers to write callbacks of attributes.

Signed-off-by: Anuj Jain <anuj01.jain@samsung.com>
Signed-off-by: Ayush Garg <ayush.garg@samsung.com>
client/gatt.c

index c7a8ca4..c48e94e 100755 (executable)
@@ -2143,6 +2143,12 @@ static void authorize_write_response(const char *input, void *user_data)
                goto error;
        }
 
+       if (aad->offset > chrc->value_len) {
+               err = "org.bluez.Error.InvalidOffset";
+
+               goto error;
+       }
+
        /* Authorization check of prepare writes */
        if (prep_authorize) {
                reply = g_dbus_create_reply(pending_message, DBUS_TYPE_INVALID);
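Review bot: The new `aad->offset > chrc->value_len` check sits ahead of the `prep_authorize` branch, so a prepare-write authorization is judged against the value as it is stored now, not as it will be once the queued segments are applied. If a long write is authorized segment by segment, a later segment whose offset lies past the current length would presumably get `org.bluez.Error.InvalidOffset` even though earlier segments would have extended the value; this is inferred from the ordering, since the queue handling is not visible here. Either move the check below the prepare-authorize reply, or state the intent with a comment such as `/* offset is validated against the current value, also for prepare writes */`. The same placement appears in chrc_write_value in the next hunk, and authorize_write_response's body starts and ends outside this hunk.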
@@ -2274,6 +2280,11 @@ static DBusMessage *chrc_write_value(DBusConnection *conn, DBusMessage *msg,
                return NULL;
        }
 
+       if (offset > chrc->value_len)
+               return g_dbus_create_error(msg,
+                               "org.bluez.Error.InvalidOffset", NULL);
+
+
        /* Authorization check of prepare writes */
        if (prep_authorize)
                return g_dbus_create_reply(msg, DBUS_TYPE_INVALID);
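Review bot: The added block in chrc_write_value ends with two consecutive blank lines before `/* Authorization check of prepare writes */`; drop one so the spacing matches the single blank line left after the equivalent checks in the other two hunks. chrc_write_value's body starts and ends outside this hunk.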
@@ -2685,6 +2696,10 @@ static DBusMessage *desc_write_value(DBusConnection *conn, DBusMessage *msg,
                return g_dbus_create_error(msg,
                                "org.bluez.Error.InvalidArguments", NULL);
 
+       if (offset > desc->value_len)
+               return g_dbus_create_error(msg,
+                               "org.bluez.Error.InvalidOffset", NULL);
+
        if (write_value(&desc->value_len, &desc->value, value,
                                        value_len, offset, desc->max_val_len))
                return g_dbus_create_error(msg,
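Review bot: The boundary in `if (offset > desc->value_len)` deserves a one-line comment, because a reader cannot tell whether accepting `offset == desc->value_len` is intentional. If it is meant to allow a write that starts exactly at the end of the stored value, say so, e.g. `/* offset == value_len is valid: the write extends the value */`. The upper bound on the resulting length then presumably rests on the `desc->max_val_len` argument passed to write_value() just below, whose body is not visible here, so it is worth confirming that it rejects `offset + value_len` beyond that limit. desc_write_value's body starts and ends outside this hunk.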