From 33129c88dc7a8d18b7f0aa8ef563c50a7904d00c Mon Sep 17 00:00:00 2001 From: "Igor V. Kovalenko" Date: Thu, 19 Jan 2023 21:30:19 +0300 Subject: backend-native: Fix parsing comma-delimited response Incoming RFCOMM string has extra end-of-command terminating character which breaks both AT+BIA= and AT+BAC= parsers which only expect a comma. This leads to error parsing last element of response in both cases and could prevent detecting mSBC availability if mSBC codec id comes last, e.g. AT+BIA=1,2 Fix this by additionally checking for delimiters in both parsers. Fixes: 3c63f8e6d ("backend-native: Fix stack corruption reading RFCOMM AT+BIA= response") Part-of: --- src/modules/bluetooth/backend-native.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/bluetooth/backend-native.c b/src/modules/bluetooth/backend-native.c index 86bdbec60..829d7bf82 100644 --- a/src/modules/bluetooth/backend-native.c +++ b/src/modules/bluetooth/backend-native.c @@ -639,7 +639,7 @@ static bool hfp_rfcomm_handle(int fd, pa_bluetooth_transport *t, const char *buf /* Indicators start with index 1 and follow the order of the AT+CIND=? response */ str = pa_xstrdup(buf + 7); - for (indicator = 1; (r = pa_split_in_place(str, ",", &len, &state)); indicator++) { + for (indicator = 1; (r = pa_split_in_place(str, ",\r\n", &len, &state)); indicator++) { /* Ignore updates to mandatory indicators which are always ON */ if (indicator == CIND_CALL_INDICATOR || indicator == CIND_CALL_SETUP_INDICATOR @@ -669,7 +669,7 @@ static bool hfp_rfcomm_handle(int fd, pa_bluetooth_transport *t, const char *buf /* check if codec id 2 (mSBC) is in the list of supported codecs */ str = pa_xstrdup(buf + 7); - while ((r = pa_split_in_place(str, ",", &len, &state))) { + while ((r = pa_split_in_place(str, ",\r\n", &len, &state))) { if (len == 1 && r[0] == '2') { c->support_msbc = true; break; -- cgit v1.2.1