From 18ef73e949d49f7345f2a6f3e51c029c7459e0a5 Mon Sep 17 00:00:00 2001
From: Okke Formsma
Date: Tue, 25 May 2021 21:17:48 +0200
Subject: [PATCH 1/3] fix(core): Fix memory copy bug for GATT
With newlib_libc enabled, a warning was printed for this memcpy. uuid is a `bt_uuid_128`, while BT_UUID_GATT_CCC is only `bt_uuid_16`.
Fixes #808.
Full warning: [53/272] Building C object CMakeFiles/app.dir/src/split/bluetooth/central.c.obj In file included from /home/okke/.local/zephyr-sdk-0.11.2/arm-zephyr-eabi/arm-zephyr-eabi/sys-include/string.h:180, from /home/okke/dev/zmk/zephyr/include/bluetooth/bluetooth.h:21, from ../../src/split/bluetooth/central.c:9: ../../src/split/bluetooth/central.c: In function 'split_central_discovery_func': ../../src/split/bluetooth/central.c:130:9: warning: '__builtin_memcpy' forming offset [5, 17] is out of the bounds [0, 4] of object '({anonymous})' with type 'struct bt_uuid_16[1]' [-Warray-bounds] 130 | memcpy(&uuid, BT_UUID_GATT_CCC, sizeof(uuid)); | ^~~~~~ /home/okke/dev/zmk/zephyr/include/bluetooth/uuid.h:72:45: note: '({anonymous})' declared here 72 | ((struct bt_uuid *) ((struct bt_uuid_16[]) {BT_UUID_INIT_16(value)})) | ^ /home/okke/dev/zmk/zephyr/include/bluetooth/uuid.h:372:2: note: in expansion of macro 'BT_UUID_DECLARE_16' 372 | BT_UUID_DECLARE_16(BT_UUID_GATT_CCC_VAL) | ^~~~~~~~~~~~~~~~~~ ../../src/split/bluetooth/central.c:130:23: note: in expansion of macro 'BT_UUID_GATT_CCC' 130 | memcpy(&uuid, BT_UUID_GATT_CCC, sizeof(uuid));
---
 app/src/split/bluetooth/central.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/src/split/bluetooth/central.c b/app/src/split/bluetooth/central.c
index a56b0b81..680e7a4e 100644
--- a/app/src/split/bluetooth/central.c
+++ b/app/src/split/bluetooth/central.c
@@ -127,7 +127,7 @@ static uint8_t split_central_discovery_func(struct bt_conn *conn, const struct b
 }
 } else if (!bt_uuid_cmp(discover_params.uuid, BT_UUID_DECLARE_128(ZMK_SPLIT_BT_CHAR_POSITION_STATE_UUID))) {
- memcpy(&uuid, BT_UUID_GATT_CCC, sizeof(uuid));
+ memcpy(&uuid, BT_UUID_GATT_CCC, sizeof(struct bt_uuid_16));
 discover_params.uuid = &uuid.uuid;
 discover_params.start_handle = attr->handle + 2;
 discover_params.type = BT_GATT_DISCOVER_DESCRIPTOR;
From 5e8794b4e101595b9ce93639014412b05824dc16 Mon Sep 17 00:00:00 2001
From: Okke Formsma
Date: Tue, 25 May 2021 21:20:20 +0200
Subject: [PATCH 2/3] fix(core): Fix overflow in setting_name sprintf
With newlib_libc enabled, a warning was printed for this sprintf. The settings_name may expand to 17 characters instead of the available 15.
Fixes #808.
Full warning: [49/272] Building C object CMakeFiles/app.dir/src/ble.c.obj In file included from /home/okke/.local/zephyr-sdk-0.11.2/arm-zephyr-eabi/arm-zephyr-eabi/sys-include/stdio.h:800, from ../../src/ble.c:12: ../../src/ble.c: In function 'set_profile_address': ../../src/ble.c:118:27: warning: '%d' directive writing between 1 and 3 bytes into a region of size 2 [-Wformat-overflow=] 118 | sprintf(setting_name, "ble/profiles/%d", index); | ^~~~~~~~~~~~~~~~~ ../../src/ble.c:118:41: note: format string is defined here 118 | sprintf(setting_name, "ble/profiles/%d", index); | ^~ In file included from /home/okke/.local/zephyr-sdk-0.11.2/arm-zephyr-eabi/arm-zephyr-eabi/sys-include/stdio.h:800, from ../../src/ble.c:12: ../../src/ble.c:118:27: note: directive argument in the range [0, 255] 118 | sprintf(setting_name, "ble/profiles/%d", index); | ^~~~~~~~~~~~~~~~~ ../../src/ble.c:118:5: note: '__builtin___sprintf_chk' output between 15 and 17 bytes into a destination of size 15 118 | sprintf(setting_name, "ble/profiles/%d", index); | ^~~~~~~
---
 app/src/ble.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
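Review bot: The copy size is now taken from the source type while the destination `uuid` is still a `struct bt_uuid_128`, so a reader has to work out that only the `type` byte and the 16-bit value are meaningful afterwards and that the remaining bytes of `uuid.val` keep whatever the earlier 128-bit copy left there. A comment on the new `memcpy` line would make that explicit, e.g. `/* BT_UUID_GATT_CCC is a bt_uuid_16: copy only its type + 16-bit value; consumers dispatch on uuid.type, so the stale tail of uuid.val is not read */`. `split_central_discovery_func` starts and ends outside this hunk.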
diff --git a/app/src/ble.c b/app/src/ble.c
index b15a079e..3d86d394 100644
--- a/app/src/ble.c
+++ b/app/src/ble.c
@@ -109,7 +109,7 @@ bool zmk_ble_active_profile_is_open() {
 }
 void set_profile_address(uint8_t index, const bt_addr_le_t *addr) {
- char setting_name[15];
+ char setting_name[17];
 char addr_str[BT_ADDR_LE_STR_LEN];
 bt_addr_le_to_str(addr, addr_str, sizeof(addr_str));
From b3fcab17c4bdfc2b13264d8778e933c6bc8ee5a6 Mon Sep 17 00:00:00 2001
From: Okke Formsma
Date: Tue, 25 May 2021 22:43:01 +0200
Subject: [PATCH 3/3] fix(core): Do not use bt_uuid_128 if only a bt_uuid is necessary
---
 app/src/split/bluetooth/central.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/app/src/split/bluetooth/central.c b/app/src/split/bluetooth/central.c
index 680e7a4e..00ddfc23 100644
--- a/app/src/split/bluetooth/central.c
+++ b/app/src/split/bluetooth/central.c
@@ -29,7 +29,7 @@ static int start_scan(void);
 static struct bt_conn *default_conn;
-static struct bt_uuid_128 uuid = BT_UUID_INIT_128(ZMK_SPLIT_BT_SERVICE_UUID);
+static struct bt_uuid uuid = {.type = BT_UUID_TYPE_128};
 static struct bt_gatt_discover_params discover_params;
 static struct bt_gatt_subscribe_params subscribe_params;
@@ -116,8 +116,8 @@ static uint8_t split_central_discovery_func(struct bt_conn *conn, const struct b
 LOG_DBG("[ATTRIBUTE] handle %u", attr->handle);
 if (!bt_uuid_cmp(discover_params.uuid, BT_UUID_DECLARE_128(ZMK_SPLIT_BT_SERVICE_UUID))) {
- memcpy(&uuid, BT_UUID_DECLARE_128(ZMK_SPLIT_BT_CHAR_POSITION_STATE_UUID), sizeof(uuid));
- discover_params.uuid = &uuid.uuid;
+ uuid.type = BT_UUID_TYPE_128;
+ discover_params.uuid = &uuid;
 discover_params.start_handle = attr->handle + 1;
 discover_params.type = BT_GATT_DISCOVER_CHARACTERISTIC;
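Review bot: `char setting_name[17]` is exactly the worst case of the `sprintf(setting_name, "ble/profiles/%d", index)` quoted in the description (13 prefix bytes, up to three digits for a `uint8_t`, NUL), but it is a magic constant that silently turns back into an overflow if the prefix or the index type ever changes, and the write itself stays unbounded. Derive the size from the format and bound the write: `char setting_name[sizeof("ble/profiles/") + 3]; /* prefix incl. NUL + up to 3 digits of a uint8_t */` and `snprintf(setting_name, sizeof(setting_name), "ble/profiles/%d", index);`. The `sprintf` line (118 in the warning) lies past the end of this hunk, and `set_profile_address` continues outside it.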
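Review bot: After the `-29` hunk `uuid` is a bare `struct bt_uuid`, which in Zephyr holds only the `type` byte, yet `discover_params.uuid = &uuid` is still what GATT discovery filters on and what `bt_uuid_cmp()` compares against the full 128-bit constants in the `-116` hunk here and in the `-127` and `-162` hunks on the next line of this page. No hunk ever writes value bytes: the service UUID that `BT_UUID_INIT_128(ZMK_SPLIT_BT_SERVICE_UUID)` used to provide is gone, the characteristic branch only sets `uuid.type = BT_UUID_TYPE_128` and the descriptor branch only `BT_UUID_TYPE_16`, so as far as I can tell the primary-service lookup has nothing to match and any `BT_UUID_128()`/`BT_UUID_16()` access to `val` reads past the one-byte object into whatever static follows it (`discover_params` in this layout). The storage has to stay the widest variant and each branch must copy the constant it wants to search for: keep `static struct bt_uuid_128 uuid = BT_UUID_INIT_128(ZMK_SPLIT_BT_SERVICE_UUID);`, restore the `memcpy` of the characteristic and CCC constants in the two branches (sized by the source type, as PATCH 1/3 already does for CCC), and pass `&uuid.uuid` at all three assignment sites. The enclosing functions start and end outside these hunks.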
@@ -127,8 +127,8 @@ static uint8_t split_central_discovery_func(struct bt_conn *conn, const struct b
 }
 } else if (!bt_uuid_cmp(discover_params.uuid, BT_UUID_DECLARE_128(ZMK_SPLIT_BT_CHAR_POSITION_STATE_UUID))) {
- memcpy(&uuid, BT_UUID_GATT_CCC, sizeof(struct bt_uuid_16));
- discover_params.uuid = &uuid.uuid;
+ uuid.type = BT_UUID_TYPE_16;
+ discover_params.uuid = &uuid;
 discover_params.start_handle = attr->handle + 2;
 discover_params.type = BT_GATT_DISCOVER_DESCRIPTOR;
 subscribe_params.value_handle = bt_gatt_attr_value_handle(attr);
@@ -162,7 +162,7 @@ static void split_central_process_connection(struct bt_conn *conn) {
 }
 if (conn == default_conn && !subscribe_params.value) {
- discover_params.uuid = &uuid.uuid;
+ discover_params.uuid = &uuid;
 discover_params.func = split_central_discovery_func;
 discover_params.start_handle = 0x0001;
 discover_params.end_handle = 0xffff;