Bluetooth: SDP: Validate Transaction ID of PDU

Adds check on receiving side whether current SDP PDU response matches
correcponding SDP PDU request.

Jira: ZEP-1112

Change-Id: Ide8da54fe38f12d3bcb1e7d056050c038b7ec065
Signed-off-by: Arkadiusz Lichwa <arkadiusz.lichwa@tieto.com>
This commit is contained in:
Arkadiusz Lichwa 2016-12-21 12:20:40 +01:00 committed by Johan Hedberg
commit 714718a33d

View file

@ -421,8 +421,6 @@ static void sdp_client_receive(struct bt_l2cap_chan *chan, struct net_buf *buf)
struct bt_sdp_hdr *hdr = (void *)buf->data;
uint16_t len, tid;
ARG_UNUSED(session);
BT_DBG("session %p buf %p", session, buf);
if (buf->len < sizeof(*hdr)) {
@ -445,6 +443,11 @@ static void sdp_client_receive(struct bt_l2cap_chan *chan, struct net_buf *buf)
BT_ERR("SDP PDU length mismatch (%u != %u)", buf->len, len);
return;
}
if (tid != session->tid) {
BT_ERR("Mismatch transaction ID value in SDP PDU");
return;
}
}
static int sdp_client_chan_connect(struct bt_sdp_client *session)