Bluetooth: SDP: Fix issue that RX buf is used for others discovery #94552
Conversation
In current implementation, the received buffer is incorrectly used for other SDP discover requests. Release the RX buffer when the SDP discovery is done. And allocate the new RX buffer from the pool of the new SDP discovery request. Signed-off-by: Lyle Zhu <[email protected]>
zephyrbot
added
area: Bluetooth
area: Bluetooth Classic
|
| @@ -1705,6 +1705,10 @@ static void sdp_client_params_iterator(struct bt_sdp_client *session) | |||
| sys_slist_remove(&session->reqs, NULL, ¶m->_node); | |||
| /* Invalidate cached param in context */ | |||
| session->param = NULL; | |||
| if (session->rec_buf != NULL) { | |||
There was a problem hiding this comment.
current session rec_buf would be alloc when sdp_client_connected. if do alloc rec_buf when user request every discovery. then rec_buf maybe need to delete within sdp_client_connected.
However I am some doubts.
recv_len would be reset when discovery finished. why rec_buf would be some garbage data?
There was a problem hiding this comment.
I do not get your point.
As my comments said, the received buffer is incorrectly used for other SDP discover requests.
This is why this change created.
hi, @lylezhu2012 Thanks for your explanation. rec_buf would be allocated when connected, and free when disconncted. could we reset rec_buf value, and do not free rec_buf ? |
The |
| @@ -1912,7 +1916,11 @@ static int sdp_client_discover(struct bt_sdp_client *session) | |||
| param = session->param; | |||
| } | |||
|
|
|||
| if (!param) { | |||
| if (param != NULL && session->rec_buf == NULL) { | |||
There was a problem hiding this comment.
The session->rec_buf should be NULL here, add assert or LOG_ERR here? Or If it is not NULL, release it here?
In current implementation, the received buffer is incorrectly used for other SDP discover requests.
Release the RX buffer when the SDP discovery is done. And allocate the new RX buffer from the pool of the new SDP discovery request.