From d13f579a36e8b4f6ea6f45fbab8b77f368116987 Mon Sep 17 00:00:00 2001
From: Konstantin Zhukov <zhukov@mercurydevelopment.com>
Date: Mon, 12 Feb 2018 14:40:30 +0400
Subject: [PATCH] shared/gatt-db: Fix declaration attributes permission

According to Bluetooth Core specification v4.2 (Vol. 3, part G,
section 3.1), service declararion attributes should have only READ
permission. The same obligation has charateristic declaration and
include service declaration attributes.

Without this permission connected clients could corrupt GATT database
by writing to declaration attributes. After thatm service discovery
fails in other clients.
---
 src/shared/gatt-db.c | 30 +++++++++++++++++-------------
 1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/src/shared/gatt-db.c b/src/shared/gatt-db.c
index 2487584f3..d28301ac4 100644
--- a/src/shared/gatt-db.c
+++ b/src/shared/gatt-db.c
@@ -115,6 +115,18 @@ struct gatt_db_service {
 	struct gatt_db_attribute **attributes;
 };
 
+static void set_attribute_data(struct gatt_db_attribute *attribute,
+						gatt_db_read_t read_func,
+						gatt_db_write_t write_func,
+						uint32_t permissions,
+						void *user_data)
+{
+	attribute->permissions = permissions;
+	attribute->read_func = read_func;
+	attribute->write_func = write_func;
+	attribute->user_data = user_data;
+}
+
 static void pending_read_result(struct pending_read *p, int err,
 					const uint8_t *data, size_t length)
 {
@@ -387,6 +399,8 @@ static struct gatt_db_service *gatt_db_service_create(const bt_uuid_t *uuid,
 		return NULL;
 	}
 
+	set_attribute_data(service->attributes[0], NULL, NULL, BT_ATT_PERM_READ, NULL);
+
 	return service;
 }
 
@@ -655,18 +669,6 @@ attribute_update(struct gatt_db_service *service, int index)
 	return service->attributes[index];
 }
 
-static void set_attribute_data(struct gatt_db_attribute *attribute,
-						gatt_db_read_t read_func,
-						gatt_db_write_t write_func,
-						uint32_t permissions,
-						void *user_data)
-{
-	attribute->permissions = permissions;
-	attribute->read_func = read_func;
-	attribute->write_func = write_func;
-	attribute->user_data = user_data;
-}
-
 static struct gatt_db_attribute *
 service_insert_characteristic(struct gatt_db_service *service,
 					uint16_t handle,
@@ -718,6 +720,8 @@ service_insert_characteristic(struct gatt_db_service *service,
 	if (!service->attributes[i])
 		return NULL;
 
+	set_attribute_data(service->attributes[i], NULL, NULL, BT_ATT_PERM_READ, NULL);
+
 	i++;
 
 	service->attributes[i] = new_attribute(service, handle, uuid, NULL, 0);
@@ -929,7 +933,7 @@ service_insert_included(struct gatt_db_service *service, uint16_t handle,
 	 *
 	 * TODO handle permissions
 	 */
-	set_attribute_data(service->attributes[index], NULL, NULL, 0, NULL);
+	set_attribute_data(service->attributes[index], NULL, NULL, BT_ATT_PERM_READ, NULL);
 
 	return attribute_update(service, index);
 }
-- 
2.47.3