Merge branch 'bugfix/ignore_null_valued_comb_key_4_1' into 'release/v4.1'

Bugfix/ignore null valued comb key 4 1

See merge request espressif/esp-idf!12408
This commit is contained in:
Island 2021-02-18 13:58:52 +00:00
commit 77feee975e
4 changed files with 11 additions and 20 deletions

View File

@ -404,8 +404,6 @@ SOC_RESERVE_MEMORY_REGION(SOC_MEM_BT_DATA_START, SOC_MEM_BT_DATA_END,
static DRAM_ATTR struct osi_funcs_t *osi_funcs_p;
static uint8_t own_bda[6];
#if CONFIG_SPIRAM_USE_MALLOC
static DRAM_ATTR btdm_queue_item_t btdm_queue_table[BTDM_MAX_QUEUE_NUM];
static DRAM_ATTR SemaphoreHandle_t btdm_queue_table_mux = NULL;
@ -1358,7 +1356,6 @@ esp_err_t esp_bt_controller_init(esp_bt_controller_config_t *cfg)
cfg->bt_max_sync_conn = CONFIG_BTDM_CTRL_BR_EDR_MAX_SYNC_CONN_EFF;
cfg->magic = ESP_BT_CONTROLLER_CONFIG_MAGIC_VAL;
read_mac_wrapper(own_bda);
if (((cfg->mode & ESP_BT_MODE_BLE) && (cfg->ble_max_conn <= 0 || cfg->ble_max_conn > BTDM_CONTROLLER_BLE_MAX_CONN_LIMIT))
|| ((cfg->mode & ESP_BT_MODE_CLASSIC_BT) && (cfg->bt_max_acl_conn <= 0 || cfg->bt_max_acl_conn > BTDM_CONTROLLER_BR_EDR_MAX_ACL_CONN_LIMIT))
|| ((cfg->mode & ESP_BT_MODE_CLASSIC_BT) && (cfg->bt_max_sync_conn > BTDM_CONTROLLER_BR_EDR_MAX_SYNC_CONN_LIMIT))) {
@ -1647,12 +1644,6 @@ esp_bt_controller_status_t esp_bt_controller_get_status(void)
return btdm_controller_status;
}
uint8_t* esp_bt_get_mac(void)
{
return own_bda;
}
/* extra functions */
esp_err_t esp_ble_tx_power_set(esp_ble_power_type_t power_type, esp_power_level_t power_level)
{

@ -1 +1 @@
Subproject commit 73fa0bcb5132f4ea3eebde88f0599920664a8257
Subproject commit 0a7edb5acf88414778fa56708a29958d527f5f2c

View File

@ -36,7 +36,6 @@
#include "osi/fixed_queue.h"
#include "osi/alarm.h"
#include "stack/btm_ble_api.h"
#include "esp_bt.h"
#if (BT_USE_TRACES == TRUE && BT_TRACE_VERBOSE == FALSE)
/* needed for sprintf() */
@ -2631,15 +2630,6 @@ void btm_sec_conn_req (UINT8 *bda, UINT8 *dc)
return;
}
/* Check if peer device's and our BD_ADDR is same or not. It
should be different to avoid 'Impersonation in the Pin Pairing
Protocol' (CVE-2020-26555) vulnerability. */
if (memcmp(bda, esp_bt_get_mac(), sizeof (BD_ADDR)) == 0) {
BTM_TRACE_ERROR ("Security Manager: connect request from device with same BD_ADDR\n");
btsnd_hcic_reject_conn (bda, HCI_ERR_HOST_REJECT_DEVICE);
return;
}
/* Security guys wants us not to allow connection from not paired devices */
/* Check if connection is allowed for only paired devices */

View File

@ -52,6 +52,16 @@ tL2C_LCB *l2cu_allocate_lcb (BD_ADDR p_bd_addr, BOOLEAN is_bonding, tBT_TRANSPOR
int xx;
tL2C_LCB *p_lcb = &l2cb.lcb_pool[0];
#if (CLASSIC_BT_INCLUDED == TRUE)
/* Check if peer device's and our BD_ADDR is same or not. It
should be different to avoid 'Impersonation in the Pin Pairing
Protocol' (CVE-2020-26555) vulnerability. */
if (memcmp((uint8_t *)p_bd_addr, (uint8_t *)&controller_get_interface()->get_address()->address, sizeof (BD_ADDR)) == 0) {
L2CAP_TRACE_ERROR ("%s connection rejected due to same BD ADDR", __func__);
return (NULL);
}
#endif
for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) {
if (!p_lcb->in_use) {
btu_free_timer(&p_lcb->timer_entry);