Commit 5659b00

cvinayakcarlescufi
authored andcommitted
Bluetooth: Controller: Add checks for invalid PHYs
Add checks for invalid PHYs supplied to HCI LE Extended Scan Parameters and LE Extended Create Connection commands. Signed-off-by: Vinayak Kariappa Chettimada <[email protected]>
1 parent 027835f commit 5659b00


1 file changed

+26
-16
lines changed

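--- a/subsys/bluetooth/controller/hci/hci.c
+++ b/subsys/bluetooth/controller/hci/hci.c
@@ -3108,13 +3108,6 @@ static void le_set_ext_scan_param(struct net_buf *buf, struct net_buf **evt)
 return;
 }
 
-/* TODO: add parameter checks */
-
-own_addr_type = cmd->own_addr_type;
-filter_policy = cmd->filter_policy;
-phys = cmd->phys;
-p = cmd->p;
-
 /* Number of bits set indicate scan sets to be configured by calling
 * ll_scan_params_set function.
 */
@@ -3123,6 +3116,18 @@ static void le_set_ext_scan_param(struct net_buf *buf, struct net_buf **evt)
 phys_bitmask |= BT_HCI_LE_EXT_SCAN_PHY_CODED;
 }
 
+phys = cmd->phys;
+if (IS_ENABLED(CONFIG_BT_CTLR_PARAM_CHECK) &&
+(phys > phys_bitmask)) {
+*evt = cmd_complete_status(BT_HCI_ERR_UNSUPP_FEATURE_PARAM_VAL);
+
+return;
+}
+
+own_addr_type = cmd->own_addr_type;
+filter_policy = cmd->filter_policy;
+p = cmd->p;
+
 /* Irrespective of enabled PHYs to scan for, ll_scan_params_set needs
 * to be called to initialise the scan sets.
 * Passing interval and window as 0, disable the particular scan set
@@ -3276,15 +3281,6 @@ static void le_ext_create_connection(struct net_buf *buf, struct net_buf **evt)
 return;
 }
 
-/* TODO: add additional parameter checks */
-
-filter_policy = cmd->filter_policy;
-own_addr_type = cmd->own_addr_type;
-peer_addr_type = cmd->peer_addr.type;
-peer_addr = cmd->peer_addr.a.val;
-phys = cmd->phys;
-p = cmd->p;
-
 /* Number of bits set indicate scan sets to be configured by calling
 * ll_create_connection function.
 */
@@ -3293,6 +3289,20 @@ static void le_ext_create_connection(struct net_buf *buf, struct net_buf **evt)
 phys_bitmask |= BT_HCI_LE_EXT_SCAN_PHY_CODED;
 }
 
+phys = cmd->phys;
+if (IS_ENABLED(CONFIG_BT_CTLR_PARAM_CHECK) &&
+(phys > phys_bitmask)) {
+*evt = cmd_status(BT_HCI_ERR_UNSUPP_FEATURE_PARAM_VAL);
+
+return;
+}
+
+filter_policy = cmd->filter_policy;
+own_addr_type = cmd->own_addr_type;
+peer_addr_type = cmd->peer_addr.type;
+peer_addr = cmd->peer_addr.a.val;
+p = cmd->p;
+
 do {
 uint16_t supervision_timeout;
 uint16_t conn_interval_max;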
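Review bot: The new guard `phys > phys_bitmask` in le_set_ext_scan_param compares magnitudes rather than bits, so it does not reject every PHY value outside the supported mask; the identical test in le_ext_create_connection has the same gap. Assuming the PHY flags are separate bits (phys_bitmask is built with `|=`), an unsupported lower bit, alone or combined with a supported one, is numerically below the mask and passes, and `phys == 0` passes as well. The comment above each check says the number of set bits decides how many parameter sets are configured from `cmd->p`, so an unexpected bit may cause an entry the host never supplied to be parsed; that loop is outside these hunks and should be confirmed. A mask test closes both cases: `if (IS_ENABLED(CONFIG_BT_CTLR_PARAM_CHECK) && (!(phys & phys_bitmask) || (phys & ~phys_bitmask))) {`. Both function bodies start and end outside the hunks shown.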
