1 /******************************************************************************
2  *
3  *  Copyright (C) 1999-2012 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 /******************************************************************************
20  *
21  *  This file contains SDP utility functions
22  *
23  ******************************************************************************/
24 
25 #include <stdlib.h>
26 #include <string.h>
27 
28 #include "osi/allocator.h"
29 
30 #include "common/bt_defs.h"
31 
32 #include "stack/bt_types.h"
33 
34 #include "stack/l2cdefs.h"
35 #include "stack/hcidefs.h"
36 #include "stack/hcimsgs.h"
37 
38 #include "stack/sdp_api.h"
39 #include "sdpint.h"
40 
41 #include "stack/btu.h"
42 
43 #if (SDP_INCLUDED == TRUE)
/* Bluetooth Base UUID (00000000-0000-1000-8000-00805F9B34FB), most significant
 * byte first. The UUID helpers in this file use it to expand 2- and 4-byte
 * UUIDs to 16 bytes and to test whether a 16-byte UUID is derived from the base. */
static const UINT8  sdp_base_uuid[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00,
                                       0x80, 0x00, 0x00, 0x80, 0x5F, 0x9B, 0x34, 0xFB
                                      };
47 
48 /*******************************************************************************
49 **
50 ** Function         sdpu_find_ccb_by_cid
51 **
52 ** Description      This function searches the CCB table for an entry with the
53 **                  passed CID.
54 **
55 ** Returns          the CCB address, or NULL if not found.
56 **
57 *******************************************************************************/
tCONN_CB *sdpu_find_ccb_by_cid (UINT16 cid)
{
    /* Walk the fixed-size CCB table. A slot only matches when it is in use
     * (state other than SDP_STATE_IDLE) and carries the requested CID, so a
     * stale connection_id left in an idle slot is never returned. */
    for (UINT16 idx = 0; idx < SDP_MAX_CONNECTIONS; idx++) {
        tCONN_CB *p_slot = &sdp_cb.ccb[idx];

        if (p_slot->con_state == SDP_STATE_IDLE) {
            continue;
        }
        if (p_slot->connection_id == cid) {
            return p_slot;
        }
    }

    /* No active CCB uses this CID */
    return NULL;
}
73 
74 
75 /*******************************************************************************
76 **
77 ** Function         sdpu_find_ccb_by_db
78 **
79 ** Description      This function searches the CCB table for an entry with the
80 **                  passed discovery db.
81 **
82 ** Returns          the CCB address, or NULL if not found.
83 **
84 *******************************************************************************/
tCONN_CB *sdpu_find_ccb_by_db (tSDP_DISCOVERY_DB *p_db)
{
#if SDP_CLIENT_ENABLED == TRUE
    /* A NULL database never matches: without this guard every in-use CCB whose
     * p_db is NULL would be reported as a hit. */
    if (p_db != NULL) {
        for (UINT16 idx = 0; idx < SDP_MAX_CONNECTIONS; idx++) {
            tCONN_CB *p_slot = &sdp_cb.ccb[idx];

            if (p_slot->con_state == SDP_STATE_IDLE) {
                continue;
            }
            if (p_slot->p_db == p_db) {
                return p_slot;
            }
        }
    }
#endif
    /* Not found, or the SDP client is compiled out */
    return NULL;
}
103 
104 
105 /*******************************************************************************
106 **
107 ** Function         sdpu_allocate_ccb
108 **
109 ** Description      This function allocates a new CCB.
110 **
111 ** Returns          CCB address, or NULL if none available.
112 **
113 *******************************************************************************/
tCONN_CB *sdpu_allocate_ccb (void)
{
    /* Claim the first idle slot of the fixed-size CCB table. */
    for (UINT16 idx = 0; idx < SDP_MAX_CONNECTIONS; idx++) {
        tCONN_CB *p_slot = &sdp_cb.ccb[idx];

        if (p_slot->con_state != SDP_STATE_IDLE) {
            continue;
        }

        /* The timer is released while timer_entry still holds its previous
         * contents; the memset below zeroes the whole CCB, timer_entry included. */
        btu_free_timer(&p_slot->timer_entry);
        memset (p_slot, 0, sizeof (tCONN_CB));

        /* NOTE(review): the CCB address is stored through a UINT32 cast, which
         * only round-trips where pointers are 32 bits wide - confirm for every
         * supported target. */
        p_slot->timer_entry.param = (UINT32) p_slot;

        /* con_state is left at the memset value; this function does not itself
         * mark the slot as in use. */
        return p_slot;
    }

    /* Every slot is busy */
    return NULL;
}
134 
135 
136 /*******************************************************************************
137 **
138 ** Function         sdpu_release_ccb
139 **
140 ** Description      This function releases a CCB.
141 **
142 ** Returns          void
143 **
144 *******************************************************************************/
void sdpu_release_ccb (tCONN_CB *p_ccb)
{
    /* p_ccb is dereferenced without a NULL check; callers must pass a valid CCB. */

    /* Make sure the timer is stopped and released */
    btu_free_timer(&p_ccb->timer_entry);

    /* Return the slot to the idle pool */
    p_ccb->con_state = SDP_STATE_IDLE;
#if SDP_CLIENT_ENABLED == TRUE
    p_ccb->is_attr_search = FALSE;
#endif

    /* Nothing more to do when no response buffer is attached */
    if (p_ccb->rsp_list == NULL) {
        return;
    }

    SDP_TRACE_DEBUG("releasing SDP rsp_list\n");

    osi_free(p_ccb->rsp_list);
    /* Clear the pointer so a second release cannot free the buffer again */
    p_ccb->rsp_list = NULL;
}
164 
165 
166 /*******************************************************************************
167 **
168 ** Function         sdpu_build_attrib_seq
169 **
170 ** Description      This function builds an attribute sequence from the list of
171 **                  passed attributes. It is also passed the address of the output
172 **                  buffer.
173 **
174 ** Returns          Pointer to next byte in the output buffer.
175 **
176 *******************************************************************************/
UINT8 *sdpu_build_attrib_seq (UINT8 *p_out, UINT16 *p_attr, UINT16 num_attrs)
{
    /* No capacity for p_out is passed in: the caller must have room for the
     * sequence header plus 3 bytes per attribute ID (7 bytes for the wildcard). */

    /* No list given: emit the wildcard, a single 4-byte UINT holding the range
     * 0x0000-0xFFFF. Its body is 5 bytes (1 descriptor + 4 value), so the
     * one-byte length form always applies. */
    if (p_attr == NULL) {
        UINT8_TO_BE_STREAM  (p_out, (DATA_ELE_SEQ_DESC_TYPE << 3) | SIZE_IN_NEXT_BYTE);
        UINT8_TO_BE_STREAM  (p_out, 5);
        UINT8_TO_BE_STREAM  (p_out, (UINT_DESC_TYPE << 3) | SIZE_FOUR_BYTES);
        UINT16_TO_BE_STREAM (p_out, 0);
        UINT16_TO_BE_STREAM (p_out, 0xFFFF);
        return p_out;
    }

    /* Each attribute ID is encoded as 1 descriptor byte + 2 value bytes.
     * NOTE(review): the product is stored in a UINT16 and wraps once num_attrs
     * exceeds 21845, which would make the header disagree with the bytes
     * written below - confirm that callers bound num_attrs. */
    UINT16 body_len = num_attrs * 3;

    if (body_len > 255) {
        UINT8_TO_BE_STREAM  (p_out, (DATA_ELE_SEQ_DESC_TYPE << 3) | SIZE_IN_NEXT_WORD);
        UINT16_TO_BE_STREAM (p_out, body_len);
    } else {
        UINT8_TO_BE_STREAM (p_out, (DATA_ELE_SEQ_DESC_TYPE << 3) | SIZE_IN_NEXT_BYTE);
        UINT8_TO_BE_STREAM (p_out, body_len);
    }

    /* Append every attribute ID as a 2-byte UINT element */
    for (UINT16 idx = 0; idx < num_attrs; idx++) {
        UINT8_TO_BE_STREAM  (p_out, (UINT_DESC_TYPE << 3) | SIZE_TWO_BYTES);
        UINT16_TO_BE_STREAM (p_out, p_attr[idx]);
    }

    return p_out;
}
212 
213 
214 /*******************************************************************************
215 **
216 ** Function         sdpu_build_attrib_entry
217 **
218 ** Description      This function builds an attribute entry from the passed
219 **                  attribute record. It is also passed the address of the output
220 **                  buffer.
221 **
222 ** Returns          Pointer to next byte in the output buffer.
223 **
224 *******************************************************************************/
UINT8 *sdpu_build_attrib_entry (UINT8 *p_out, tSDP_ATTRIBUTE *p_attr)
{
    /* Serialises one attribute as <UINT16 attribute ID element><value element>
     * and returns the address one past the last byte written.
     * No capacity for p_out is passed in, so nothing here can stop a write
     * past the end of the output buffer; the caller must size it first
     * (sdpu_get_attrib_entry_len in this file computes the same layout). */

    /* First, store the attribute ID. Goes as a UINT */
    UINT8_TO_BE_STREAM  (p_out, (UINT_DESC_TYPE << 3) | SIZE_TWO_BYTES);
    UINT16_TO_BE_STREAM (p_out, p_attr->id);

    /* the attribute is in the db record.
     * assuming the attribute len is less than SDP_MAX_ATTR_LEN */
    /* Variable-length types always carry an explicit length field; its width
     * (1, 2 or 4 bytes) is chosen from p_attr->len, and the wider forms are
     * only compiled in when SDP_MAX_ATTR_LEN allows such lengths. */
    switch (p_attr->type) {
    case TEXT_STR_DESC_TYPE:    /* 4 */
    case DATA_ELE_SEQ_DESC_TYPE:/* 6 */
    case DATA_ELE_ALT_DESC_TYPE:/* 7 */
    case URL_DESC_TYPE:         /* 8 */
#if (SDP_MAX_ATTR_LEN > 0xFFFF)
        if (p_attr->len > 0xFFFF) {
            UINT8_TO_BE_STREAM (p_out, (p_attr->type << 3) | SIZE_IN_NEXT_LONG);
            UINT32_TO_BE_STREAM (p_out, p_attr->len);
        } else

#endif /* 0xFFFF - 0xFF */
        {
#if (SDP_MAX_ATTR_LEN > 0xFF)
            if (p_attr->len > 0xFF) {
                UINT8_TO_BE_STREAM (p_out, (p_attr->type << 3) | SIZE_IN_NEXT_WORD);
                UINT16_TO_BE_STREAM (p_out, p_attr->len);
            } else

#endif /* 0xFF and less*/
            {
                UINT8_TO_BE_STREAM (p_out, (p_attr->type << 3) | SIZE_IN_NEXT_BYTE);
                UINT8_TO_BE_STREAM (p_out, p_attr->len);
            }
        }
        /* With a NULL value_ptr the header above still announces len bytes,
         * but no value bytes are emitted. */
        if (p_attr->value_ptr != NULL) {
            ARRAY_TO_BE_STREAM (p_out, p_attr->value_ptr, (int)p_attr->len);
        }

        return (p_out);
    }

    /* Now, store the attribute value */
    /* All other types: lengths 1, 2, 4, 8 and 16 use the fixed-size index in
     * the descriptor; any other length falls back to a one-byte length field. */
    switch (p_attr->len) {
    case 1:
        UINT8_TO_BE_STREAM (p_out, (p_attr->type << 3) | SIZE_ONE_BYTE);
        break;
    case 2:
        UINT8_TO_BE_STREAM  (p_out, (p_attr->type << 3) | SIZE_TWO_BYTES);
        break;
    case 4:
        UINT8_TO_BE_STREAM  (p_out, (p_attr->type << 3) | SIZE_FOUR_BYTES);
        break;
    case 8:
        UINT8_TO_BE_STREAM  (p_out, (p_attr->type << 3) | SIZE_EIGHT_BYTES);
        break;
    case 16:
        UINT8_TO_BE_STREAM  (p_out, (p_attr->type << 3) | SIZE_SIXTEEN_BYTES);
        break;
    default:
        /* NOTE(review): len is written through the one-byte stream macro here,
         * while the copy below still uses the full len; a value longer than
         * 255 bytes would presumably get a length field that disagrees with
         * the data - confirm such attributes cannot reach this path. */
        UINT8_TO_BE_STREAM (p_out, (p_attr->type << 3) | SIZE_IN_NEXT_BYTE);
        UINT8_TO_BE_STREAM (p_out, p_attr->len);
        break;
    }

    if (p_attr->value_ptr != NULL) {
        ARRAY_TO_BE_STREAM (p_out, p_attr->value_ptr, (int)p_attr->len);
    }

    return (p_out);
}
294 
295 
296 /*******************************************************************************
297 **
298 ** Function         sdpu_build_n_send_error
299 **
300 ** Description      This function builds and sends an error packet.
301 **
302 ** Returns          void
303 **
304 *******************************************************************************/
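void sdpu_build_n_send_error (tCONN_CB *p_ccb, UINT16 trans_num, UINT16 error_code, char *p_error_text)
{
    /* Builds an SDP error response (PDU ID, transaction number, parameter
     * length, error code, optional text) and hands it to L2CAP.
     *
     * p_ccb         connection to answer on; dereferenced without a NULL check
     * trans_num     transaction number echoed back to the peer
     * error_code    SDP error code to report
     * p_error_text  optional NUL-terminated text, may be NULL; it is truncated
     *               when it would not fit in the response buffer */
    UINT8           *p_rsp, *p_rsp_start, *p_rsp_param_len;
    UINT16          rsp_param_len;
    BT_HDR          *p_buf;


    SDP_TRACE_WARNING ("SDP - sdpu_build_n_send_error  code: 0x%x  CID: 0x%x\n",
                       error_code, p_ccb->connection_id);

    /* Get a buffer to use to build and send the packet to L2CAP */
    if ((p_buf = (BT_HDR *)osi_malloc(SDP_DATA_BUF_SIZE)) == NULL) {
        SDP_TRACE_ERROR ("SDP - no buf for err msg\n");
        return;
    }
    p_buf->offset = L2CAP_MIN_OFFSET;
    p_rsp = p_rsp_start = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;

    UINT8_TO_BE_STREAM  (p_rsp, SDP_PDU_ERROR_RESPONSE);
    UINT16_TO_BE_STREAM  (p_rsp, trans_num);

    /* Skip the parameter length, we need to add it at the end */
    p_rsp_param_len = p_rsp;
    p_rsp += 2;

    UINT16_TO_BE_STREAM  (p_rsp, error_code);

    /* Unplugfest example traces do not have any error text */
    if (p_error_text) {
        /* The text length comes from strlen() and used to be copied without
         * any bound. Clamp it to the space left in the SDP_DATA_BUF_SIZE
         * allocation so an over-long message cannot write past the buffer. */
        size_t text_len = strlen (p_error_text);
        size_t used = sizeof (BT_HDR) + (size_t) L2CAP_MIN_OFFSET + (size_t) (p_rsp - p_rsp_start);
        size_t room = ((size_t) SDP_DATA_BUF_SIZE > used) ? ((size_t) SDP_DATA_BUF_SIZE - used) : 0;

        if (text_len > room) {
            text_len = room;
        }

        ARRAY_TO_BE_STREAM (p_rsp, p_error_text, (int) text_len);
    }

    /* Go back and put the parameter length into the buffer */
    rsp_param_len = p_rsp - p_rsp_param_len - 2;
    UINT16_TO_BE_STREAM (p_rsp_param_len, rsp_param_len);

    /* Set the length of the SDP data in the buffer */
    p_buf->len = p_rsp - p_rsp_start;


    /* Send the buffer through L2CAP */
    /* NOTE(review): the return value is ignored and p_buf is not freed here;
     * presumably L2CA_DataWrite takes ownership of the buffer on every path -
     * confirm against its contract. */
    L2CA_DataWrite (p_ccb->connection_id, p_buf);
}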
348 
349 
350 
351 /*******************************************************************************
352 **
353 ** Function         sdpu_extract_uid_seq
354 **
355 ** Description      This function extracts a UUID sequence from the passed input
356 **                  buffer, and puts it into the passed output list.
357 **
358 ** Returns          Pointer to next byte in the input buffer after the sequence.
359 **
360 *******************************************************************************/
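UINT8 *sdpu_extract_uid_seq (UINT8 *p, UINT16 param_len, tSDP_UUID_SEQ *p_seq)
{
    /* Parses a data element sequence of UUIDs from p into p_seq.
     *
     * p          start of the encoded sequence (data taken from a received PDU)
     * param_len  number of bytes the caller vouches for, counted from p
     *            (assumption - TODO confirm every caller passes the length
     *            remaining at p rather than a larger value)
     * p_seq      output list; num_uids is reset to 0 on entry
     *
     * Returns the address just past the sequence, or NULL on any malformed or
     * truncated input. Every read is checked against param_len and against
     * the declared sequence length first, so a hostile length field cannot
     * move the parser past the data it was given. */
    UINT8   *p_seq_end;
    UINT8   descr, type, size;
    UINT32  seq_len, uuid_len;
    UINT32  avail = param_len;      /* bytes of the input not yet consumed */

    /* Assume none found */
    p_seq->num_uids = 0;

    /* Need at least the sequence descriptor byte */
    if (avail < 1) {
        return (NULL);
    }

    BE_STREAM_TO_UINT8 (descr, p);
    avail -= 1;
    type = descr >> 3;
    size = descr & 7;

    if (type != DATA_ELE_SEQ_DESC_TYPE) {
        return (NULL);
    }

    switch (size) {
    case SIZE_TWO_BYTES:
        seq_len = 2;
        break;
    case SIZE_FOUR_BYTES:
        seq_len = 4;
        break;
    case SIZE_SIXTEEN_BYTES:
        seq_len = 16;
        break;
    case SIZE_IN_NEXT_BYTE:
        if (avail < 1) {
            return (NULL);
        }
        BE_STREAM_TO_UINT8 (seq_len, p);
        avail -= 1;
        break;
    case SIZE_IN_NEXT_WORD:
        if (avail < 2) {
            return (NULL);
        }
        BE_STREAM_TO_UINT16 (seq_len, p);
        avail -= 2;
        break;
    case SIZE_IN_NEXT_LONG:
        if (avail < 4) {
            return (NULL);
        }
        BE_STREAM_TO_UINT32 (seq_len, p);
        avail -= 4;
        break;
    default:
        return (NULL);
    }

    /* The sequence body must fit in what is left after the header. This is
     * stricter than the former "seq_len >= param_len" test, which ignored the
     * header bytes already consumed, and it rejects everything that test did. */
    if (seq_len > avail) {
        return (NULL);
    }

    p_seq_end = p + seq_len;

    /* Loop through, extracting the UIDs. Invariant: p <= p_seq_end, so the
     * pointer difference below is never negative. */
    while (p < p_seq_end) {
        BE_STREAM_TO_UINT8 (descr, p);
        type = descr >> 3;
        size = descr & 7;

        if (type != UUID_DESC_TYPE) {
            return (NULL);
        }

        switch (size) {
        case SIZE_TWO_BYTES:
            uuid_len = 2;
            break;
        case SIZE_FOUR_BYTES:
            uuid_len = 4;
            break;
        case SIZE_SIXTEEN_BYTES:
            uuid_len = 16;
            break;
        case SIZE_IN_NEXT_BYTE:
            if ((UINT32)(p_seq_end - p) < 1) {
                return (NULL);
            }
            BE_STREAM_TO_UINT8 (uuid_len, p);
            break;
        case SIZE_IN_NEXT_WORD:
            if ((UINT32)(p_seq_end - p) < 2) {
                return (NULL);
            }
            BE_STREAM_TO_UINT16 (uuid_len, p);
            break;
        case SIZE_IN_NEXT_LONG:
            if ((UINT32)(p_seq_end - p) < 4) {
                return (NULL);
            }
            BE_STREAM_TO_UINT32 (uuid_len, p);
            break;
        default:
            return (NULL);
        }

        /* Only 2-, 4- and 16-byte UUIDs are valid */
        if ((uuid_len != 2) && (uuid_len != 4) && (uuid_len != 16)) {
            return (NULL);
        }

        /* The UUID bytes themselves must lie inside the sequence; previously
         * the copy ran first and the overrun was only noticed after the loop. */
        if (uuid_len > (UINT32)(p_seq_end - p)) {
            return (NULL);
        }

        p_seq->uuid_entry[p_seq->num_uids].len = (UINT16) uuid_len;
        BE_STREAM_TO_ARRAY (p, p_seq->uuid_entry[p_seq->num_uids].value, (int)uuid_len);
        p_seq->num_uids++;

        /* We can only do so many. Checked right after each store, so the
         * index used above never reaches MAX_UUIDS_PER_SEQ. */
        if (p_seq->num_uids >= MAX_UUIDS_PER_SEQ) {
            return (NULL);
        }
    }

    if (p != p_seq_end) {
        return (NULL);
    }

    return (p);
}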
463 
464 
465 
466 /*******************************************************************************
467 **
468 ** Function         sdpu_extract_attr_seq
469 **
470 ** Description      This function extracts an attribute sequence from the passed
471 **                  input buffer, and puts it into the passed output list.
472 **
473 ** Returns          Pointer to next byte in the input buffer after the sequence.
474 **
475 *******************************************************************************/
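UINT8 *sdpu_extract_attr_seq (UINT8 *p, UINT16 param_len, tSDP_ATTR_SEQ *p_seq)
{
    /* Parses a data element sequence of attribute IDs / ID ranges from p into
     * p_seq.
     *
     * p          start of the encoded list (data taken from a received PDU)
     * param_len  number of bytes the caller vouches for, counted from p
     *            (assumption - TODO confirm every caller passes the length
     *            remaining at p rather than a larger value)
     * p_seq      output list; num_attr is reset to 0 on entry
     *
     * Failure is reported in two ways, as before: header problems return the
     * current read position with num_attr still 0, problems inside the list
     * return NULL. The bounds checks added here return NULL. Callers therefore
     * have to test both the returned pointer and num_attr. */
    UINT8   *p_end_list;
    UINT8   descr, type, size;
    UINT32  list_len, attr_len;
    UINT32  avail = param_len;      /* bytes of the input not yet consumed */

    /* Assume none found */
    p_seq->num_attr = 0;

    /* Need at least the sequence descriptor byte */
    if (avail < 1) {
        return (NULL);
    }

    /* Get attribute sequence info */
    BE_STREAM_TO_UINT8 (descr, p);
    avail -= 1;
    type = descr >> 3;
    size = descr & 7;

    if (type != DATA_ELE_SEQ_DESC_TYPE) {
        return (p);
    }

    switch (size) {
    case SIZE_IN_NEXT_BYTE:
        if (avail < 1) {
            return (NULL);
        }
        BE_STREAM_TO_UINT8 (list_len, p);
        avail -= 1;
        break;

    case SIZE_IN_NEXT_WORD:
        if (avail < 2) {
            return (NULL);
        }
        BE_STREAM_TO_UINT16 (list_len, p);
        avail -= 2;
        break;

    case SIZE_IN_NEXT_LONG:
        if (avail < 4) {
            return (NULL);
        }
        BE_STREAM_TO_UINT32 (list_len, p);
        avail -= 4;
        break;

    default:
        return (p);
    }

    /* Original coarse check, kept with its original return value */
    if (list_len > param_len) {
        return (p);
    }

    /* The list body must also fit in what is left after the header bytes,
     * which the check above does not account for. */
    if (list_len > avail) {
        return (NULL);
    }

    p_end_list = p + list_len;

    /* Loop through, extracting the attribute IDs. Invariant: p <= p_end_list,
     * so the pointer differences below are never negative. */
    while (p < p_end_list) {
        BE_STREAM_TO_UINT8 (descr, p);
        type = descr >> 3;
        size = descr & 7;

        if (type != UINT_DESC_TYPE) {
            return (p);
        }

        switch (size) {
        case SIZE_TWO_BYTES:
            attr_len = 2;
            break;
        case SIZE_FOUR_BYTES:
            attr_len = 4;
            break;
        case SIZE_IN_NEXT_BYTE:
            if ((UINT32)(p_end_list - p) < 1) {
                return (NULL);
            }
            BE_STREAM_TO_UINT8 (attr_len, p);
            break;
        case SIZE_IN_NEXT_WORD:
            if ((UINT32)(p_end_list - p) < 2) {
                return (NULL);
            }
            BE_STREAM_TO_UINT16 (attr_len, p);
            break;
        case SIZE_IN_NEXT_LONG:
            if ((UINT32)(p_end_list - p) < 4) {
                return (NULL);
            }
            BE_STREAM_TO_UINT32 (attr_len, p);
            break;
        default:
            return (NULL);
        }

        /* Attribute length must be 2-bytes or 4-bytes for a paired entry. */
        if ((attr_len != 2) && (attr_len != 4)) {
            return (NULL);
        }

        /* The ID bytes must lie inside the list; without this the reads below
         * could run past the end of the received data. */
        if (attr_len > (UINT32)(p_end_list - p)) {
            return (NULL);
        }

        if (attr_len == 2) {
            /* Single ID: stored as a range whose start and end are equal */
            BE_STREAM_TO_UINT16 (p_seq->attr_entry[p_seq->num_attr].start, p);
            p_seq->attr_entry[p_seq->num_attr].end = p_seq->attr_entry[p_seq->num_attr].start;
        } else {
            /* ID range: high 16 bits are the start, low 16 bits the end */
            BE_STREAM_TO_UINT16 (p_seq->attr_entry[p_seq->num_attr].start, p);
            BE_STREAM_TO_UINT16 (p_seq->attr_entry[p_seq->num_attr].end, p);
        }

        /* We can only do so many. Checked right after each store, so the
         * index used above never reaches MAX_ATTR_PER_SEQ. */
        if (++p_seq->num_attr >= MAX_ATTR_PER_SEQ) {
            return (NULL);
        }
    }

    return (p);
}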
567 
568 
569 /*******************************************************************************
570 **
571 ** Function         sdpu_get_len_from_type
572 **
573 ** Description      This function gets the length
574 **
575 ** Returns          Pointer to next byte in the input buffer; length is stored in *p_len
576 **
577 *******************************************************************************/
UINT8 *sdpu_get_len_from_type (UINT8 *p, UINT8 type, UINT32 *p_len)
{
    /* Decodes the length of a data element. Only the low three bits of the
     * descriptor (the size index) are used. The length goes to *p_len and the
     * return value is p advanced past any explicit length field.
     *
     * No end-of-buffer pointer is passed in, so the 1/2/4-byte length reads
     * cannot be bounds-checked here; the caller must ensure those bytes exist
     * and must validate *p_len against the data it holds before using it. */
    const UINT8 size_index = type & 7;

    switch (size_index) {
    case SIZE_ONE_BYTE:
        *p_len = 1;
        break;
    case SIZE_TWO_BYTES:
        *p_len = 2;
        break;
    case SIZE_FOUR_BYTES:
        *p_len = 4;
        break;
    case SIZE_EIGHT_BYTES:
        *p_len = 8;
        break;
    case SIZE_SIXTEEN_BYTES:
        *p_len = 16;
        break;
    case SIZE_IN_NEXT_BYTE: {
        UINT8 len8;

        BE_STREAM_TO_UINT8 (len8, p);
        *p_len = len8;
        break;
    }
    case SIZE_IN_NEXT_WORD: {
        UINT16 len16;

        BE_STREAM_TO_UINT16 (len16, p);
        *p_len = len16;
        break;
    }
    case SIZE_IN_NEXT_LONG: {
        UINT32 len32;

        BE_STREAM_TO_UINT32 (len32, p);
        /* NOTE(review): only the low 16 bits of the 32-bit length are kept, so
         * a length above 0xFFFF is reported as a smaller value than the
         * element declares - confirm this truncation is intended. */
        *p_len = (UINT16) len32;
        break;
    }
    default:
        /* *p_len is left untouched for any value not listed above */
        break;
    }

    return p;
}
616 
617 
618 /*******************************************************************************
619 **
620 ** Function         sdpu_is_base_uuid
621 **
622 ** Description      This function checks a 128-bit UUID with the base to see if
623 **                  it matches. Only the last 12 bytes are compared.
624 **
625 ** Returns          TRUE if matched, else FALSE
626 **
627 *******************************************************************************/
BOOLEAN sdpu_is_base_uuid (UINT8 *p_uuid)
{
    /* The first 4 bytes hold the short UUID value and are skipped; the
     * remaining bytes must equal the base UUID. p_uuid must point to at least
     * MAX_UUID_SIZE readable bytes - nothing here can verify that. */
    const UINT16 skip = 4;

    if (memcmp (p_uuid + skip, sdp_base_uuid + skip, MAX_UUID_SIZE - skip) != 0) {
        return (FALSE);
    }

    /* Tail matches the base UUID */
    return (TRUE);
}
640 
641 
642 /*******************************************************************************
643 **
644 ** Function         sdpu_compare_uuid_arrays
645 **
646 ** Description      This function compares 2 BE UUIDs. If needed, they are expanded
647 **                  to 128-bit UUIDs, then compared.
648 **
649 ** NOTE             it is assumed that the arrays are in Big Endian format
650 **
651 ** Returns          TRUE if matched, else FALSE
652 **
653 *******************************************************************************/
BOOLEAN sdpu_compare_uuid_arrays (UINT8 *p_uuid1, UINT32 len1, UINT8 *p_uuid2, UINT16 len2)
{
    const UINT8 *p_long;
    const UINT8 *p_short;
    UINT32      long_len;
    UINT32      short_len;
    UINT8       expanded[MAX_UUID_SIZE];

    /* Only 2-, 4- and 16-byte UUIDs are accepted. This check is also what
     * keeps the fixed-size copies into the stack buffer below in bounds, so
     * it must stay ahead of them. */
    if ( !((len1 == 2) || (len1 == 4) || (len1 == 16)) ||
            !((len2 == 2) || (len2 == 4) || (len2 == 16)) ) {
        SDP_TRACE_ERROR("%s: invalid length\n", __func__);
        return FALSE;
    }

    /* Same width: plain byte-wise comparison */
    if (len1 == len2) {
        return (memcmp (p_uuid1, p_uuid2, (size_t)len1) == 0);
    }

    /* Different widths: work out which side is the longer one */
    if (len1 > len2) {
        p_long    = p_uuid1;
        long_len  = len1;
        p_short   = p_uuid2;
        short_len = len2;
    } else {
        p_long    = p_uuid2;
        long_len  = len2;
        p_short   = p_uuid1;
        short_len = len1;
    }

    /* 4-byte against 2-byte: the 4-byte value must be the 2-byte value with
     * two leading zero bytes */
    if (long_len == 4) {
        return ( (p_long[0] == 0) && (p_long[1] == 0)
                 && (p_long[2] == p_short[0]) && (p_long[3] == p_short[1]) );
    }

    /* 16-byte against a shorter UUID: expand the shorter one onto the base
     * UUID (4-byte values fill bytes 0-3, 2-byte values fill bytes 2-3), then
     * compare all 16 bytes */
    memcpy (expanded, sdp_base_uuid, MAX_UUID_SIZE);

    if (short_len == 4) {
        memcpy (expanded, p_short, 4);
    } else if (short_len == 2) {
        memcpy (expanded + 2, p_short, 2);
    }

    return (memcmp (p_long, expanded, MAX_UUID_SIZE) == 0);
}
715 
716 
717 /*******************************************************************************
718 **
719 ** Function         sdpu_compare_bt_uuids
720 **
721 ** Description      This function compares 2 BT UUID structures.
722 **
723 ** NOTE             it is assumed that BT UUID structures are compressed to the
724 **                  smallest possible UUIDs (by removing the base SDP UUID)
725 **
726 ** Returns          TRUE if matched, else FALSE
727 **
728 *******************************************************************************/
BOOLEAN sdpu_compare_bt_uuids (tBT_UUID *p_uuid1, tBT_UUID *p_uuid2)
{
    /* Both UUIDs are expected in their shortest form, so different lengths
     * can never match */
    if (p_uuid1->len != p_uuid2->len) {
        return (FALSE);
    }

    switch (p_uuid1->len) {
    case 2:
        return (p_uuid1->uu.uuid16 == p_uuid2->uu.uuid16);
    case 4:
        return (p_uuid1->uu.uuid32 == p_uuid2->uu.uuid32);
    default:
        /* Any other (equal) length is treated as a 128-bit UUID; the length
         * itself is not validated here */
        break;
    }

    return (memcmp (p_uuid1->uu.uuid128, p_uuid2->uu.uuid128, 16) == 0) ? (TRUE) : (FALSE);
}
744 
745 
746 /*******************************************************************************
747 **
748 ** Function         sdpu_compare_uuid_with_attr
749 **
750 ** Description      This function compares a BT UUID structure with the UUID in an
751 **                  SDP attribute record. If needed, they are expanded to 128-bit
752 **                  UUIDs, then compared.
753 **
754 ** NOTE           - it is assumed that BT UUID structures are compressed to the
755 **                  smallest possible UUIDs (by removing the base SDP UUID).
756 **                - it is also assumed that the discovery attribute is compressed
757 **                  to the smallest possible UUID
758 **
759 ** Returns          TRUE if matched, else FALSE
760 **
761 *******************************************************************************/
BOOLEAN sdpu_compare_uuid_with_attr (tBT_UUID *p_btuuid, tSDP_DISC_ATTR *p_attr)
{
    const UINT16 attr_len = SDP_DISC_ATTR_LEN (p_attr->attr_len_type);

    /* Both UUIDs are in their shortest form, so the lengths have to agree */
    if (p_btuuid->len != attr_len) {
        return (FALSE);
    }

    switch (p_btuuid->len) {
    case 2:
        return (BOOLEAN)(p_btuuid->uu.uuid16 == p_attr->attr_value.v.u16);
    case 4:
        return (BOOLEAN)(p_btuuid->uu.uuid32 == p_attr->attr_value.v.u32);
    default:
        break;
    }

    /* Every other length is compared as a 128-bit UUID.
     * NOTE(review): the comparison reads MAX_UUID_SIZE bytes whatever the
     * agreed length is; it relies on the attribute value being backed by at
     * least that many bytes (see the tool note below) - confirm for lengths
     * other than 16. */
    /* coverity[overrun-buffer-arg] */
    /*
       Event overrun-buffer-arg: Overrun of static array "&p_attr->attr_value.v.array" of size 4 bytes by passing it to a function which indexes it with argument "16U" at byte position 15
       FALSE-POSITIVE error from Coverity test tool. Please do NOT remove following comment.
       False-positive: SDP uses scratch buffer to hold the attribute value.
       The actual size of tSDP_DISC_ATVAL does not matter.
       If the array size in tSDP_DISC_ATVAL is increase, we would increase the system RAM usage unnecessarily
    */
    if (!memcmp (p_btuuid->uu.uuid128, (void *) p_attr->attr_value.v.array, MAX_UUID_SIZE)) {
        return (TRUE);
    }

    return (FALSE);
}
790 
791 /*******************************************************************************
792 **
793 ** Function         sdpu_sort_attr_list
794 **
795 ** Description      sorts a list of attributes in numeric order from lowest to
796 **                  highest to conform to SDP specification
797 **
798 ** Returns          void
799 **
800 *******************************************************************************/
void sdpu_sort_attr_list( UINT16 num_attr, tSDP_DISCOVERY_DB *p_db )
{
    UINT16 count = num_attr;
    UINT16 pos = 0;

    /* Zero or one entry is already in order */
    if (count <= 1) {
        return;
    }

    /* Never look beyond SDP_MAX_ATTR_FILTERS entries, whatever count the
     * caller supplied; this is what keeps the indexing below inside the
     * attr_filters array. */
    if (count > SDP_MAX_ATTR_FILTERS) {
        count = SDP_MAX_ATTR_FILTERS;
    }

    /* Compare neighbours; after any swap, restart from the front. The loop
     * ends once a full pass finds every pair in ascending order. */
    while (pos + 1 < count) {
        if (p_db->attr_filters[pos] <= p_db->attr_filters[pos + 1]) {
            pos++;
            continue;
        }

        UINT16 held = p_db->attr_filters[pos];

        p_db->attr_filters[pos] = p_db->attr_filters[pos + 1];
        p_db->attr_filters[pos + 1] = held;
        pos = 0;
    }
}
827 
828 
829 /*******************************************************************************
830 **
831 ** Function         sdpu_get_list_len
832 **
833 ** Description      gets the total list length in the sdp database for a given
834 **                  uid sequence and attr sequence
835 **
836 ** Returns          total length of the matching records' attribute lists
837 **
838 *******************************************************************************/
UINT16 sdpu_get_list_len(tSDP_UUID_SEQ *uid_seq, tSDP_ATTR_SEQ *attr_seq)
{
    /* NOTE(review): the running total is a UINT16 and wraps silently if the
     * matching records add up to more than 0xFFFF bytes - confirm the result
     * is not used to size a buffer without a separate bound. */
    UINT16 total = 0;
    tSDP_RECORD *p_rec = sdp_db_service_search (NULL, uid_seq);

    /* Visit every record that matches the UUID sequence */
    while (p_rec != NULL) {
        UINT16 attr_bytes = sdpu_get_attrib_seq_len(p_rec, attr_seq );

        /* A record contributes only when it has at least one requested
         * attribute; it then costs its attribute bytes plus 3 bytes of
         * per-record overhead (presumably the record's sequence header -
         * confirm). */
        if (attr_bytes != 0) {
            total += 3;
            total += attr_bytes;
        }

        p_rec = sdp_db_service_search (p_rec, uid_seq);
    }

    return total;
}
858 
859 /*******************************************************************************
860 **
861 ** Function         sdpu_get_attrib_seq_len
862 **
863 ** Description      gets the length of the specific attributes in a given
864 **                  sdp record
865 **
866 ** Returns          length of the requested attributes found in the record
867 **
868 *******************************************************************************/
UINT16 sdpu_get_attrib_seq_len(tSDP_RECORD *p_rec, tSDP_ATTR_SEQ *attr_seq)
{
    /* Sums the encoded length of every attribute of p_rec that is selected by
     * attr_seq (single IDs and ID ranges) and returns the total.
     * NOTE(review): the total is a UINT16 and wraps silently on overflow. */
    tSDP_ATTRIBUTE *p_attr;
    UINT16 len1 = 0;
    UINT16 xx;
    /* TRUE while the current entry is a range that is still being walked */
    BOOLEAN is_range = FALSE;
    UINT16 start_id = 0, end_id = 0;

    for (xx = 0; xx < attr_seq->num_attr; xx++) {
        /* Load the bounds only when starting a new entry; while walking a
         * range, start_id has already been advanced past the last hit. */
        if (is_range == FALSE) {
            start_id = attr_seq->attr_entry[xx].start;
            end_id = attr_seq->attr_entry[xx].end;
        }
        p_attr = sdp_db_find_attr_in_rec (p_rec,
                                          start_id,
                                          end_id);
        if (p_attr) {
            len1 += sdpu_get_attrib_entry_len (p_attr);

            /* If doing a range, stick with this one till no more attributes found */
            if (start_id != end_id) {
                /* Update for next time through */
                /* NOTE(review): if p_attr->id can be 0xFFFF, this wraps
                 * start_id to 0 and the same range would be searched again
                 * from the beginning - confirm the loop still terminates. */
                start_id = p_attr->id + 1;
                /* Cancels the loop's xx++ so the same entry is revisited;
                 * at xx == 0 the UINT16 wraps to 0xFFFF and back to 0. */
                xx--;
                is_range = TRUE;
            } else {
                is_range = FALSE;
            }
        } else {
            /* Nothing (more) found for this entry; move on to the next one */
            is_range = FALSE;
        }
    }
    return len1;
}
903 
904 /*******************************************************************************
905 **
906 ** Function         sdpu_get_attrib_entry_len
907 **
908 ** Description      gets the length of a specific attribute
909 **
910 ** Returns          the length of the attribute entry
911 **
912 *******************************************************************************/
UINT16 sdpu_get_attrib_entry_len(tSDP_ATTRIBUTE *p_attr)
{
    /*
     * Computes the length of one attribute entry: a fixed 3 bytes
     * (presumably the encoded attribute ID -- confirm against
     * sdpu_build_attrib_entry), plus a value header whose size depends on
     * the attribute type and length, plus p_attr->len itself.
     *
     * The result is accumulated in a UINT16 and therefore wraps for totals
     * above 0xFFFF; the attribute length is assumed to be below
     * SDP_MAX_ATTR_LEN.
     */
    UINT16 total = 3;
    UINT16 value_hdr;

    switch (p_attr->type) {
    case TEXT_STR_DESC_TYPE:    /* 4 */
    case DATA_ELE_SEQ_DESC_TYPE:/* 6 */
    case DATA_ELE_ALT_DESC_TYPE:/* 7 */
    case URL_DESC_TYPE:         /* 8 */
        /* Variable-size types: header grows with the length of the value */
        value_hdr = 2;
#if (SDP_MAX_ATTR_LEN > 0xFF)
        if (p_attr->len > 0xFF) {
            value_hdr = 3;
        }
#endif /* lengths above 0xFF */
#if (SDP_MAX_ATTR_LEN > 0xFFFF)
        if (p_attr->len > 0xFFFF) {
            value_hdr = 5;
        }
#endif /* lengths above 0xFFFF */
        total += value_hdr;
        total += p_attr->len;
        return total;
    }

    /* Every other type: 1 header byte for the lengths listed below,
     * 2 header bytes for any other length */
    if ((p_attr->len == 1) || (p_attr->len == 2) || (p_attr->len == 4) ||
        (p_attr->len == 8) || (p_attr->len == 16)) {
        total += 1;
    } else {
        total += 2;
    }

    total += p_attr->len;
    return total;
}
962 
963 
964 /*******************************************************************************
965 **
966 ** Function         sdpu_build_partial_attrib_entry
967 **
968 ** Description      This function fills a buffer with partial attribute. It is
969 **                  assumed that the maximum size of any attribute is 256 bytes.
970 **
971 **                  p_out: output buffer
972 **                  p_attr: attribute to be copied partially into p_out
973 **                  len: max num bytes to copy into p_out
974 **                  offset: current start offset within the attr that needs to be copied
975 **
976 ** Returns          Pointer to next byte in the output buffer.
977 **                  offset is also updated
978 **
979 *******************************************************************************/
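UINT8 *sdpu_build_partial_attrib_entry (UINT8 *p_out, tSDP_ATTRIBUTE *p_attr, UINT16 len, UINT16 *offset)
{
    /*
     * Builds the full encoding of p_attr in a temporary buffer and copies
     * the slice starting at *offset, at most len bytes, into p_out.
     *
     * p_out:  output buffer; the caller must provide room for len bytes
     * p_attr: attribute to be copied partially into p_out
     * len:    maximum number of bytes to copy
     * offset: in/out, start offset within the encoded attribute; advanced
     *         by the number of bytes copied
     *
     * Returns the next free byte in p_out, or NULL if the temporary buffer
     * could not be allocated. When *offset lies at or beyond the end of the
     * encoded attribute nothing is copied and p_out is returned unchanged.
     */
    UINT8   *p_attr_buff;
    size_t  avail;
    size_t  len_to_copy;
    UINT16  attr_len;

    if ((p_attr_buff = (UINT8 *) osi_malloc(sizeof(UINT8) * SDP_MAX_ATTR_LEN )) == NULL) {
        SDP_TRACE_ERROR("sdpu_build_partial_attrib_entry cannot get a buffer!\n");
        return NULL;
    }

    /* NOTE(review): sdpu_build_attrib_entry is not told the size of
     * p_attr_buff; confirm it can never emit more than SDP_MAX_ATTR_LEN
     * bytes (the entry header is added on top of p_attr->len). */
    sdpu_build_attrib_entry(p_attr_buff, p_attr);
    attr_len = sdpu_get_attrib_entry_len(p_attr);

    /* Never read past the temporary allocation, whatever length is reported */
    avail = attr_len;
    if (avail > (size_t)SDP_MAX_ATTR_LEN) {
        avail = (size_t)SDP_MAX_ATTR_LEN;
    }

    /*
     * The previous expression (attr_len - *offset) went negative when
     * *offset exceeded attr_len; the negative value compared below len and
     * was then converted to a huge size_t for memcpy. The offset is carried
     * across continuation requests, so bound it before subtracting.
     */
    if (*offset < avail) {
        len_to_copy = avail - *offset;
        if (len_to_copy > len) {
            len_to_copy = len;
        }

        memcpy(p_out, &p_attr_buff[*offset], len_to_copy);

        p_out = &p_out[len_to_copy];
        *offset += (UINT16)len_to_copy;
    } else if (*offset > avail) {
        /* Worth surfacing: an offset beyond the attribute is never valid */
        SDP_TRACE_ERROR("sdpu_build_partial_attrib_entry offset out of range\n");
    }

    osi_free(p_attr_buff);
    return p_out;
}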
1006 
1007 /*******************************************************************************
1008 **
1009 ** Function         sdpu_uuid16_to_uuid128
1010 **
1011 ** Description      This function converts UUID-16 to UUID-128 by including the base UUID
1012 **
1013 **                  uuid16: 2-byte UUID
1014 **                  p_uuid128: Expanded 128-bit UUID
1015 **
1016 ** Returns          None
1017 **
1018 *******************************************************************************/
1019 
void sdpu_uuid16_to_uuid128(UINT16 uuid16, UINT8 *p_uuid128)
{
    /*
     * Expands a 16-bit UUID to 128 bits: the output starts as a copy of
     * sdp_base_uuid, then bytes 2 and 3 are overwritten with uuid16, most
     * significant byte first.
     *
     * uuid16:    2-byte UUID
     * p_uuid128: output; the code writes 16 bytes and then MAX_UUID_SIZE
     *            bytes to it, so it must hold the larger of the two
     */
    memset(p_uuid128, 0, 16);
    memcpy(p_uuid128, sdp_base_uuid, MAX_UUID_SIZE);

    /* Same bytes the byte-swap + memcpy produced, on either host endianness */
    p_uuid128[2] = (UINT8)(uuid16 >> 8);
    p_uuid128[3] = (UINT8)(uuid16 & 0xFF);
}
1029 
1030 #endif  ///SDP_INCLUDED == TRUE
1031