monitor/att: Fix parsing of notifications

If there are multiple notifications in the same frame the callback may alter it when using l2cap_frame_pull helpers, so instead this passes a cloned frame with just the expected length so callbacks cannot alter original frame.
author: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> 2022-05-24 17:51:44 -0700
committer: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> 2022-05-25 12:52:19 -0700
commit: 1ffd74a6d4212a165763dc53e58a1b49b6fc5a98 (patch)
tree: 5b33cc141f50da603d70d8680e90b39a8fbaaecc /monitor/att.c
parent: 2894f1392fbe5e570039e9a753c7065cb8fcbf01 (diff)
download: bluez-1ffd74a6d4212a165763dc53e58a1b49b6fc5a98.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/monitor/att.c b/monitor/att.c
index 3644436e4..df3e65057 100644
--- a/monitor/att.c
+++ b/monitor/att.c
@@ -742,6 +742,7 @@ static void print_notify(const struct l2cap_frame *frame, uint16_t handle,
 {
 	struct gatt_db_attribute *attr;
 	struct gatt_handler *handler;
+	struct l2cap_frame clone;
 
 	print_handle(frame, handle, false);
 	print_hex_field("  Data", frame->data, len);
@@ -759,6 +760,15 @@ static void print_notify(const struct l2cap_frame *frame, uint16_t handle,
 	if (!handler)
 		return;
 
+	/* Use a clone if the callback is not expected to parse the whole
+	 * frame.
+	 */
+	if (len != frame->size) {
+		l2cap_frame_clone(&clone, frame);
+		clone.size = len;
+		frame = &clone;
+	}
+
 	handler->notify(frame);
 }
author	Luiz Augusto von Dentz <luiz.von.dentz@intel.com>	2022-05-24 17:51:44 -0700
committer	Luiz Augusto von Dentz <luiz.von.dentz@intel.com>	2022-05-25 12:52:19 -0700
commit	1ffd74a6d4212a165763dc53e58a1b49b6fc5a98 (patch)
tree	5b33cc141f50da603d70d8680e90b39a8fbaaecc /monitor/att.c
parent	2894f1392fbe5e570039e9a753c7065cb8fcbf01 (diff)
download	bluez-1ffd74a6d4212a165763dc53e58a1b49b6fc5a98.tar.gz