| gatt_client.c (aacf1b1ab90316687ac04c8c16a483c6697d9291) | gatt_client.c (ae1ee62db083346f1b0f73e2cedbe2d7798ffe2a) |
|---|---|
| 1/* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright --- 693 unchanged lines hidden (view full) --- 702 gatt_client->query_end_handle, uuid128); 703} 704 705// @return packet pointer 706// @note assume that value is part of an l2cap buffer - overwrite HCI + L2CAP packet headers 707static const int characteristic_value_event_header_size = 8; 708static uint8_t * setup_characteristic_value_packet(uint8_t type, hci_con_handle_t con_handle, uint16_t attribute_handle, uint8_t * value, uint16_t length){ 709#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION | 1/* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright --- 693 unchanged lines hidden (view full) --- 702 gatt_client->query_end_handle, uuid128); 703} 704 705// @return packet pointer 706// @note assume that value is part of an l2cap buffer - overwrite HCI + L2CAP packet headers 707static const int characteristic_value_event_header_size = 8; 708static uint8_t * setup_characteristic_value_packet(uint8_t type, hci_con_handle_t con_handle, uint16_t attribute_handle, uint8_t * value, uint16_t length){ 709#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION |
| 710 // avoid using pre ATT headers. 711 return NULL; 712#endif | 710 // copy value into test packet for testing 711 static uint8_t packet[1000]; 712 memcpy(&packet[8], value, length); 713#else |
| 713 // before the value inside the ATT PDU 714 uint8_t * packet = value - characteristic_value_event_header_size; | 714 // before the value inside the ATT PDU 715 uint8_t * packet = value - characteristic_value_event_header_size; |
| 716#endif |
|
| 715 packet[0] = type; 716 packet[1] = characteristic_value_event_header_size - 2 + length; 717 little_endian_store_16(packet, 2, con_handle); 718 little_endian_store_16(packet, 4, attribute_handle); 719 little_endian_store_16(packet, 6, length); 720 return packet; 721} 722 --- 1611 unchanged lines hidden (view full) --- 2334 att_dispatch_client_request_can_send_now_event(context->con_handle); 2335 return ERROR_CODE_SUCCESS; 2336} 2337 2338#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION 2339void gatt_client_att_packet_handler_fuzz(uint8_t packet_type, uint16_t handle, uint8_t *packet, uint16_t size){ 2340 gatt_client_att_packet_handler(packet_type, handle, packet, size); 2341} | 717 packet[0] = type; 718 packet[1] = characteristic_value_event_header_size - 2 + length; 719 little_endian_store_16(packet, 2, con_handle); 720 little_endian_store_16(packet, 4, attribute_handle); 721 little_endian_store_16(packet, 6, length); 722 return packet; 723} 724 --- 1611 unchanged lines hidden (view full) --- 2336 att_dispatch_client_request_can_send_now_event(context->con_handle); 2337 return ERROR_CODE_SUCCESS; 2338} 2339 2340#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION 2341void gatt_client_att_packet_handler_fuzz(uint8_t packet_type, uint16_t handle, uint8_t *packet, uint16_t size){ 2342 gatt_client_att_packet_handler(packet_type, handle, packet, size); 2343} |
| 2344 2345gatt_client_t * gatt_client_get_client(hci_con_handle_t con_handle){ 2346 return gatt_client_provide_context_for_handle(con_handle); 2347} |
|
| 2342#endif | 2348#endif |