Lipasto

Diff between 42aeb1a8ecb71c7719035fde027cdda307a1d12f and 59ccaef03ca7a1b889f6d3784ca06c41e34b1857

Changed Files

File	Additions	Deletions	Status
android/hal-handsfree.c	+9	-6	modified
android/handsfree.c	+4	-6	modified
Full Patch

diff --git a/android/hal-handsfree.c b/android/hal-handsfree.c
index 4117ed0..5f484fe 100644
--- a/android/hal-handsfree.c
+++ b/android/hal-handsfree.c
@@ -83,8 +83,10 @@ static void handle_volume(void *buf, uint16_t len)
 static void handle_dial(void *buf, uint16_t len)
 {
 	struct hal_ev_handsfree_dial *ev = buf;
+	uint16_t num_len = ev->number_len;
 
-	if (len != sizeof(*ev) + ev->number_len) {
+	if (len != sizeof(*ev) + num_len ||
+			(num_len != 0 && ev->number[num_len - 1] != '\0')) {
 		error("invalid dial event, aborting");
 		exit(EXIT_FAILURE);
 	}
@@ -145,7 +147,8 @@ static void handle_unknown_at(void *buf, uint16_t len)
 {
 	struct hal_ev_handsfree_unknown_at *ev = buf;
 
-	if (len != sizeof(*ev) + ev->len) {
+	if (len != sizeof(*ev) + ev->len ||
+			(ev->len != 0 && ev->buf[ev->len - 1] != '\0')) {
 		error("invalid unknown command event, aborting");
 		exit(EXIT_FAILURE);
 	}
@@ -387,7 +390,7 @@ static bt_status_t cops_response(const char *cops)
 	if (!cops)
 		return BT_STATUS_PARM_INVALID;
 
-	cmd->len = strlen(cops);
+	cmd->len = strlen(cops) + 1;
 	memcpy(cmd->buf, cops, cmd->len);
 
 	len = sizeof(*cmd) + cmd->len;
@@ -435,7 +438,7 @@ static bt_status_t formatted_at_response(const char *rsp)
 	if (!rsp)
 		return BT_STATUS_PARM_INVALID;
 
-	cmd->len = strlen(rsp);
+	cmd->len = strlen(rsp) + 1;
 	memcpy(cmd->buf, rsp, cmd->len);
 
 	len = sizeof(*cmd) + cmd->len;
@@ -486,7 +489,7 @@ static bt_status_t clcc_response(int index, bthf_call_direction_t dir,
 	cmd->type = type;
 
 	if (number) {
-		cmd->number_len = strlen(number);
+		cmd->number_len = strlen(number) + 1;
 		memcpy(cmd->number, number, cmd->number_len);
 	} else {
 		cmd->number_len = 0;
@@ -519,7 +522,7 @@ static bt_status_t phone_state_change(int num_active, int num_held,
 	cmd->type = type;
 
 	if (number) {
-		cmd->number_len = strlen(number);
+		cmd->number_len = strlen(number) + 1;
 		memcpy(cmd->number, number, cmd->number_len);
 	} else {
 		cmd->number_len = 0;
diff --git a/android/handsfree.c b/android/handsfree.c
index 76a2de2..fa0726a 100644
--- a/android/handsfree.c
+++ b/android/handsfree.c
@@ -1013,9 +1013,9 @@ static void handle_device_status_notif(const void *buf, uint16_t len)
 static void handle_cops(const void *buf, uint16_t len)
 {
 	const struct hal_cmd_handsfree_cops_response *cmd = buf;
-	char operator[17];
 
-	if (len != sizeof(*cmd) + cmd->len) {
+	if (len != sizeof(*cmd) + cmd->len ||
+			(cmd->len != 0 && cmd->buf[cmd->len - 1] != '\0')) {
 		error("Invalid cops response command, terminating");
 		raise(SIGTERM);
 		return;
@@ -1023,10 +1023,8 @@ static void handle_cops(const void *buf, uint16_t len)
 
 	DBG("");
 
-	memset(operator, 0, sizeof(operator));
-	memcpy(operator, cmd->buf, MIN(cmd->len, 16));
-
-	hfp_gw_send_info(device.gw, "+COPS: 0,0,\"%s\" ", operator);
+	hfp_gw_send_info(device.gw, "+COPS: 0,0,\"%.16s\"",
+					cmd->len ? (char *) cmd->buf : "");
 
 	hfp_gw_send_result(device.gw, HFP_RESULT_OK);