From c7617662d585d91703e3c2d2450d5100d82edcac Mon Sep 17 00:00:00 2001 From: Arman Uguray Date: Mon, 17 Nov 2014 08:08:11 -0800 Subject: [PATCH] tools/btgatt-server: Free and early return if device name has length 0. In the write callback for the device name characteristic, we should check early if the value is being truncated completely and free the value and return. Otherwise, the realloc call might correctly return NULL if called with a length of 0, which would be incorrectly treated as an error. --- tools/btgatt-server.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tools/btgatt-server.c b/tools/btgatt-server.c index 2b89be165..c603b3043 100644 --- a/tools/btgatt-server.c +++ b/tools/btgatt-server.c @@ -160,6 +160,14 @@ static void gap_device_name_write_cb(struct gatt_db_attribute *attrib, PRLOG("GAP Device Name Write called\n"); + /* If the value is being completely truncated, clean up and return */ + if (!(offset + len)) { + free(server->device_name); + server->device_name = NULL; + server->name_len = 0; + goto done; + } + /* Implement this as a variable length attribute value. */ if (offset > server->name_len) { error = BT_ATT_ERROR_INVALID_OFFSET; -- 2.47.3