Commit: 297fa5cb3e5b16cbf9be5015a0d770bd3f9ce735
Parent: d31dfe8c7d51746c5a03d73f2b90da40c739bb7c
Author: Sebastian Urban <surban@surban.net>
Committer: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Date: 2021-06-14 23:59:46
Tree: b2dbeeffddd7605bf1d48c33bbe51dcee1f4511c

gatt-server: Flush notify multiple buffer when full and fix overflow

This fixes the calculation of available buffer space in bt_gatt_server_send_notification and sends pending notifications immediately when there is no more room to add a notification.

Previously there was a buffer overflow caused by incorrect calculation of available buffer space: data->offset can equal data->len from a previous call to this function, leading (data->len - data->offset) to underflow after data->offset += 2.

Diffstat

M src/shared/gatt-server.c | 43 ++++++++++++++++++++++++++++++++++++-------

1 files changed, 36 insertions(+), 7 deletions(-)
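
The underflow described in the commit message, modelled as an added example; this is not the BlueZ code from the commit. The struct, the function names, the 16-byte capacity and the 4-byte record header are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define HDR_LEN 4u /* assumed record header: 2-byte handle + 2-byte length */

/* Hypothetical stand-in for the pending notification buffer. */
struct nfy_buf {
    uint8_t pdu[16];  /* constructed, deliberately tiny capacity */
    uint16_t len;     /* capacity of pdu */
    uint16_t offset;  /* bytes already queued */
    unsigned flushes; /* how many times the buffer was sent */
};

/* Flawed space calculation: reserve 2 bytes first, subtract afterwards.
 * With offset == len the result wraps around instead of being 0. */
static uint16_t room_flawed(uint16_t len, uint16_t offset)
{
    offset += 2;
    return (uint16_t)(len - offset);
}

/* Stand-in for sending the queued PDU; here it only resets the buffer. */
static void flush(struct nfy_buf *b)
{
    b->flushes++;
    b->offset = 0;
}

/* Checked append: compare sums before writing, flush when full.
 * Returns the value bytes queued, or -1 if the record can never fit. */
static int append_checked(struct nfy_buf *b, uint16_t handle,
                          const uint8_t *val, uint16_t vlen)
{
    if (HDR_LEN + vlen > b->len)
        return -1;
    if (b->offset + HDR_LEN + vlen > b->len)
        flush(b);
    b->pdu[b->offset++] = (uint8_t)(handle & 0xff);
    b->pdu[b->offset++] = (uint8_t)(handle >> 8);
    b->pdu[b->offset++] = (uint8_t)(vlen & 0xff);
    b->pdu[b->offset++] = (uint8_t)(vlen >> 8);
    memcpy(b->pdu + b->offset, val, vlen);
    b->offset += vlen;
    return vlen;
}
```

The checked version never subtracts: it adds the header and value sizes to the current offset and compares the sum with the capacity, so a full buffer triggers a flush instead of a wrapped length.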
