Bluetooth: Classic: SDP: Avoid invalid session->param
be accessed
The `session->param` should be updated to date whatever the function `sdp_client_ssa_search()`, `sdp_client_sa_search()` or `sdp_client_ss_search()` can be executed properly. Update the `session->param` to the new `param` when executing the function. Fixes #91156 Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
This commit is contained in:
parent
3728a80929
commit
55c0f00f23
1 changed files with 9 additions and 6 deletions
|
@ -1485,6 +1485,9 @@ static int sdp_client_ss_search(struct bt_sdp_client *session,
|
|||
{
|
||||
struct net_buf *buf;
|
||||
|
||||
/* Update context param directly. */
|
||||
session->param = param;
|
||||
|
||||
buf = bt_sdp_create_pdu();
|
||||
|
||||
/* BT_SDP_SEQ8 means length of sequence is on additional next byte */
|
||||
|
@ -1530,8 +1533,6 @@ static int sdp_client_ss_search(struct bt_sdp_client *session,
|
|||
net_buf_add_mem(buf, session->cstate.data, session->cstate.length);
|
||||
}
|
||||
|
||||
/* Update context param to the one being resolving now */
|
||||
session->param = param;
|
||||
session->tid++;
|
||||
|
||||
return bt_sdp_send(&session->chan.chan, buf, BT_SDP_SVC_SEARCH_REQ, session->tid);
|
||||
|
@ -1543,6 +1544,9 @@ static int sdp_client_sa_search(struct bt_sdp_client *session,
|
|||
{
|
||||
struct net_buf *buf;
|
||||
|
||||
/* Update context param directly. */
|
||||
session->param = param;
|
||||
|
||||
buf = bt_sdp_create_pdu();
|
||||
|
||||
/* Add service record handle */
|
||||
|
@ -1575,8 +1579,6 @@ static int sdp_client_sa_search(struct bt_sdp_client *session,
|
|||
net_buf_add_mem(buf, session->cstate.data, session->cstate.length);
|
||||
}
|
||||
|
||||
/* Update context param to the one being resolving now */
|
||||
session->param = param;
|
||||
session->tid++;
|
||||
|
||||
return bt_sdp_send(&session->chan.chan, buf, BT_SDP_SVC_ATTR_REQ, session->tid);
|
||||
|
@ -1588,6 +1590,9 @@ static int sdp_client_ssa_search(struct bt_sdp_client *session,
|
|||
{
|
||||
struct net_buf *buf;
|
||||
|
||||
/* Update context param directly. */
|
||||
session->param = param;
|
||||
|
||||
buf = bt_sdp_create_pdu();
|
||||
|
||||
/* BT_SDP_SEQ8 means length of sequence is on additional next byte */
|
||||
|
@ -1646,8 +1651,6 @@ static int sdp_client_ssa_search(struct bt_sdp_client *session,
|
|||
session->cstate.length);
|
||||
}
|
||||
|
||||
/* Update context param to the one being resolving now */
|
||||
session->param = param;
|
||||
session->tid++;
|
||||
|
||||
return bt_sdp_send(&session->chan.chan, buf, BT_SDP_SVC_SEARCH_ATTR_REQ,
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue