From c2866714540bec65af19240e95a10d3090df0cf9 Mon Sep 17 00:00:00 2001 From: Sylvain Fonteneau Date: Mon, 1 Nov 2010 18:01:15 -0500 Subject: Fixed LLCP socket options storage. Socket options are now copied in the libnfc to avoid referencing a pointer that may not be valid during the whole socket life cycle. Change-Id: I7266164bf157242df1ce7fb7a0f9cffd52938140 Signed-off-by: Nick Pelly --- src/phFriNfc_LlcpTransport_Connection.c | 34 +++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) (limited to 'src/phFriNfc_LlcpTransport_Connection.c') diff --git a/src/phFriNfc_LlcpTransport_Connection.c b/src/phFriNfc_LlcpTransport_Connection.c index 5b114c2..2db1192 100644 --- a/src/phFriNfc_LlcpTransport_Connection.c +++ b/src/phFriNfc_LlcpTransport_Connection.c @@ -1814,10 +1814,10 @@ NFCSTATUS phFriNfc_LlcpTransport_ConnectionOriented_SocketGetLocalOptions(phFriN NFCSTATUS status = NFCSTATUS_SUCCESS; /* Get Local MIUX */ - psLocalOptions->miu = pLlcpSocket->psSocketOption->miu; + psLocalOptions->miu = pLlcpSocket->sSocketOption.miu; /* Get Local Receive Window */ - psLocalOptions->rw = pLlcpSocket->psSocketOption->rw; + psLocalOptions->rw = pLlcpSocket->sSocketOption.rw; return status; } 
@@ -1977,16 +1977,16 @@ NFCSTATUS phFriNfc_LlcpTransport_ConnectionOriented_Accept(phFriNfc_LlcpTranspor uint8_t i; /* Store the options in the socket */ - pLlcpSocket->psSocketOption = psOptions; + memcpy(&pLlcpSocket->sSocketOption, psOptions, sizeof(phFriNfc_LlcpTransport_sSocketOptions_t)); /* Set socket local params (MIUX & RW) */ - pLlcpSocket ->localMIUX = (pLlcpSocket->psSocketOption->miu - PHFRINFC_LLCP_MIU_DEFAULT) & PHFRINFC_LLCP_TLV_MIUX_MASK; - pLlcpSocket ->localRW = pLlcpSocket->psSocketOption->rw & PHFRINFC_LLCP_TLV_RW_MASK; + pLlcpSocket ->localMIUX = (pLlcpSocket->sSocketOption.miu - PHFRINFC_LLCP_MIU_DEFAULT) & PHFRINFC_LLCP_TLV_MIUX_MASK; + pLlcpSocket ->localRW = pLlcpSocket->sSocketOption.rw & PHFRINFC_LLCP_TLV_RW_MASK; /* Set the pointer and the length for the Receive Window Buffer */ for(i=0;ilocalRW;i++) { - pLlcpSocket->sSocketRwBufferTable[i].buffer = psWorkingBuffer->buffer + (i*pLlcpSocket->psSocketOption->miu); + pLlcpSocket->sSocketRwBufferTable[i].buffer = psWorkingBuffer->buffer + (i*pLlcpSocket->sSocketOption.miu); pLlcpSocket->sSocketRwBufferTable[i].length = 0; } @@ -2043,17 +2043,17 @@ NFCSTATUS phFriNfc_LlcpTransport_ConnectionOriented_Accept(phFriNfc_LlcpTranspor } /* Recive Window */ - if(pLlcpSocket->psSocketOption->rw != PHFRINFC_LLCP_RW_DEFAULT) + if(pLlcpSocket->sSocketOption.rw != PHFRINFC_LLCP_RW_DEFAULT) { /* Encode RW value */ - phFriNfc_Llcp_EncodeRW(&pLlcpSocket->psSocketOption->rw); + phFriNfc_Llcp_EncodeRW(&pLlcpSocket->sSocketOption.rw); /* Encode RW in TLV format */ status = phFriNfc_Llcp_EncodeTLV(&pLlcpSocket->sSocketSendBuffer, &offset, PHFRINFC_LLCP_TLV_TYPE_RW, PHFRINFC_LLCP_TLV_LENGTH_RW, - &pLlcpSocket->psSocketOption->rw); + &pLlcpSocket->sSocketOption.rw); if(status != NFCSTATUS_SUCCESS) { /* Call the CB */ 
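Review bot: The options copied by the new `memcpy` in Accept are used straight away to carve `psWorkingBuffer` into `localRW` slots of `sSocketOption.miu` bytes, and nothing in this hunk checks that the working buffer is that large or that `psOptions` is non-NULL. The function starts before the hunk, so this may already be validated there or by the caller. If it is not, a guard before the loop such as `if (psWorkingBuffer->length < (uint32_t)pLlcpSocket->localRW * pLlcpSocket->sSocketOption.miu)` returning an error status would keep every receive-window slot inside the buffer. An `miu` below `PHFRINFC_LLCP_MIU_DEFAULT` also wraps in the `localMIUX` subtraction before the mask is applied, so a lower-bound check belongs in the same place.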
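Review bot: `phFriNfc_Llcp_EncodeRW(&pLlcpSocket->sSocketOption.rw)` now rewrites the socket's own stored option in place, and SocketGetLocalOptions reads that same field back as the local receive window. If EncodeRW alters the value (its body is not shown here), callers would get the encoded form rather than what they configured, and the stored copy would be encoded again on any later pass through this path. Encoding a local copy avoids that: declare a local of the field's type, e.g. `rw = pLlcpSocket->sSocketOption.rw; phFriNfc_Llcp_EncodeRW(&rw);`, and pass `&rw` to `phFriNfc_Llcp_EncodeTLV`. The same pattern appears in the Connect hunk at -2221.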
@@ -2221,17 +2221,17 @@ NFCSTATUS phFriNfc_LlcpTransport_ConnectionOriented_Connect( phFriNfc_LlcpTransp } /* Recive Window */ - if(pLlcpSocket->psSocketOption->rw != PHFRINFC_LLCP_RW_DEFAULT) + if(pLlcpSocket->sSocketOption.rw != PHFRINFC_LLCP_RW_DEFAULT) { /* Encode RW value */ - phFriNfc_Llcp_EncodeRW(&pLlcpSocket->psSocketOption->rw); + phFriNfc_Llcp_EncodeRW(&pLlcpSocket->sSocketOption.rw); /* Encode RW in TLV format */ status = phFriNfc_Llcp_EncodeTLV(&pLlcpSocket->sSocketSendBuffer, &offset, PHFRINFC_LLCP_TLV_TYPE_RW, PHFRINFC_LLCP_TLV_LENGTH_RW, - &pLlcpSocket->psSocketOption->rw); + &pLlcpSocket->sSocketOption.rw); if(status != NFCSTATUS_SUCCESS) { status = PHNFCSTVAL(CID_FRI_NFC_LLCP_TRANSPORT, NFCSTATUS_FAILED); @@ -2399,7 +2399,6 @@ static void phFriNfc_LlcpTransport_ConnectionOriented_DisconnectClose_CB(void* pLlcpSocket->eSocket_Type = phFriNfc_LlcpTransport_eDefaultType; pLlcpSocket->pContext = NULL; pLlcpSocket->pSocketErrCb = NULL; - pLlcpSocket->psSocketOption = NULL; pLlcpSocket->socket_sSap = PHFRINFC_LLCP_SAP_DEFAULT; pLlcpSocket->socket_dSap = PHFRINFC_LLCP_SAP_DEFAULT; pLlcpSocket->bSocketRecvPending = FALSE; @@ -2415,7 +2414,9 @@ static void phFriNfc_LlcpTransport_ConnectionOriented_DisconnectClose_CB(void* pLlcpSocket->socket_VSA = 0; pLlcpSocket->socket_VR = 0; pLlcpSocket->socket_VRA = 0; - + + memset(&pLlcpSocket->sSocketOption, 0x00, sizeof(phFriNfc_LlcpTransport_sSocketOptions_t)); + if (pLlcpSocket->sServiceName.buffer != NULL) { phOsalNfc_FreeMemory(pLlcpSocket->sServiceName.buffer); } @@ -2460,7 +2461,6 @@ NFCSTATUS phFriNfc_LlcpTransport_ConnectionOriented_Close(phFriNfc_LlcpTransport pLlcpSocket->eSocket_Type = phFriNfc_LlcpTransport_eDefaultType; pLlcpSocket->pContext = NULL; pLlcpSocket->pSocketErrCb = NULL; - pLlcpSocket->psSocketOption = NULL; pLlcpSocket->socket_sSap = PHFRINFC_LLCP_SAP_DEFAULT; pLlcpSocket->socket_dSap = PHFRINFC_LLCP_SAP_DEFAULT; pLlcpSocket->bSocketRecvPending = FALSE; 
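Review bot: The `memset` added in DisconnectClose_CB spells its size as `sizeof(phFriNfc_LlcpTransport_sSocketOptions_t)` rather than taking it from the destination, so it silently goes out of step if the field's type ever changes. `memset(&pLlcpSocket->sSocketOption, 0x00, sizeof(pLlcpSocket->sSocketOption));` ties the size to the object. The same applies to the identical `memset` in Close (hunk at -2479) and to the `memcpy` in Accept, where a plain struct assignment `pLlcpSocket->sSocketOption = *psOptions;` would also be type-checked. The reset sequence is duplicated between DisconnectClose_CB and Close, which is why this line had to be added twice; a shared static reset helper would stop the two from drifting apart. Both functions extend beyond their hunks.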
@@ -2479,6 +2479,8 @@ NFCSTATUS phFriNfc_LlcpTransport_ConnectionOriented_Close(phFriNfc_LlcpTransport pLlcpSocket->socket_VR = 0; pLlcpSocket->socket_VRA = 0; + memset(&pLlcpSocket->sSocketOption, 0x00, sizeof(phFriNfc_LlcpTransport_sSocketOptions_t)); + if (pLlcpSocket->sServiceName.buffer != NULL) { phOsalNfc_FreeMemory(pLlcpSocket->sServiceName.buffer); } @@ -2741,7 +2743,7 @@ NFCSTATUS phFriNfc_LlcpTransport_ConnectionOriented_Recv( phFriNfc_LlcpTransport { /* Get the data length available in the linear buffer */ dataLengthAvailable = phFriNfc_Llcp_CyclicFifoAvailable(&pLlcpSocket->sCyclicFifoBuffer); - if((dataLengthAvailable >= pLlcpSocket->psSocketOption->miu) && (pLlcpSocket->ReceiverBusyCondition == TRUE)) + if((dataLengthAvailable >= pLlcpSocket->sSocketOption.miu) && (pLlcpSocket->ReceiverBusyCondition == TRUE)) { /* Reset the ReceiverBusyCondition Flag */ pLlcpSocket->ReceiverBusyCondition = FALSE; -- cgit v1.1