From 504a0cf46ad89cab8005ce9cffb22e41048f6a30 Mon Sep 17 00:00:00 2001 From: Anderson Lizardo Date: Tue, 8 Jan 2013 19:05:25 -0400 Subject: [PATCH] lib: Fix SDP_TEXT_STR16/SDP_URL_STR16 parsing sdp_extract_attr() uses the "size" parameter to return the number of bytes consumed when parsing SDP Data Elements. This size is used to advance a buffer pointer to parse next element. This size was being incorrectly calculated for SDP_{TEXT,URL}_STR16 in extract_str(), where the string length was added twice. The string length is already added later in the function for {TEXT,URL}_STR{8,16} by this statement: *len += n; --- lib/sdp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/sdp.c b/lib/sdp.c index ca474cd3b..b87f392ac 100644 --- a/lib/sdp.c +++ b/lib/sdp.c @@ -1176,7 +1176,7 @@ static sdp_data_t *extract_str(const void *p, int bufsize, int *len) } n = bt_get_be16(p); p += sizeof(uint16_t); - *len += sizeof(uint16_t) + n; + *len += sizeof(uint16_t); bufsize -= sizeof(uint16_t); break; default: -- 2.47.3