Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / bt / refs/heads/odm/rc/target/13/fp4^2..refs/heads/odm/rc/target/13/fp4 / .
commit3f685d35867a686ceccfa3849ee12394dd1f32b6[log] [tgz]
authorandroid-t1 <xiaocong.gu@t2mobile.com>Tue Apr 18 17:43:43 2023 +0800
committerandroid-t1 <xiaocong.gu@t2mobile.com>Tue Apr 18 17:43:43 2023 +0800
tree168479c2a1819e834278d0a4ca4c4bea470a018b
parent7898c80c4209541eadaa548af16d580311c74033 [diff]
parent1a36395dfca2c2919ed03e8268fb84aa5318045c [diff]
Merge remote-tracking branch 'origin/LA.QSSI.11.0.R1.11.00.00.668.170.00' into fp4t-target-0414

diff --git a/binder/Android.bp b/binder/Android.bp
index adc27c4..35c3e86 100644
--- a/binder/Android.bp
+++ b/binder/Android.bp

@@ -85,6 +85,7 @@
     name: "libbluetooth-binder-aidl",
     srcs: [
         "android/bluetooth/IBluetooth.aidl",
+        "android/bluetooth/TctExtIBluetooth.aidl",
         "android/bluetooth/IBluetoothA2dp.aidl",
         "android/bluetooth/IBluetoothA2dpSink.aidl",
         "android/bluetooth/IBluetoothAvrcpController.aidl",

diff --git a/binder/android/bluetooth/IBluetooth.aidl b/binder/android/bluetooth/IBluetooth.aidl
index 3591589..fb4f2f5 100644
--- a/binder/android/bluetooth/IBluetooth.aidl
+++ b/binder/android/bluetooth/IBluetooth.aidl

@@ -61,7 +61,7 @@
 import android.os.ParcelUuid;
 import android.os.ParcelFileDescriptor;
 import android.os.ResultReceiver;
-
+import android.bluetooth.TctExtIBluetooth;
 /**
  * System private API for talking with the Bluetooth service.
  *
@@ -192,5 +192,6 @@
     int getDeviceType(in BluetoothDevice device);
 
     boolean isBroadcastActive();
+    TctExtIBluetooth getTctExtIBluetoothInterface();
 
 }

diff --git a/binder/android/bluetooth/TctExtIBluetooth.aidl b/binder/android/bluetooth/TctExtIBluetooth.aidl
new file mode 100644
index 0000000..023869e
--- /dev/null
+++ b/binder/android/bluetooth/TctExtIBluetooth.aidl

@@ -0,0 +1,20 @@
+package android.bluetooth;
+
+import android.bluetooth.IBluetoothCallback;
+import android.bluetooth.IBluetoothStateChangeCallback;
+import android.bluetooth.BluetoothActivityEnergyInfo;
+import android.bluetooth.BluetoothDevice;
+import android.os.ParcelUuid;
+import android.os.ParcelFileDescriptor;
+
+/**
+ * System private API for talking with the Bluetooth service.
+ *
+ * {@hide}
+ */
+interface TctExtIBluetooth
+{
+    int tct_setBtTestMode(int mode);
+    //int tct_setBtChannel(int position);
+    int tct_sendDutMode(int power);
+}

diff --git a/stack/bnep/bnep_api.cc b/stack/bnep/bnep_api.cc
index 809d0b2..3cd8153 100644
--- a/stack/bnep/bnep_api.cc
+++ b/stack/bnep/bnep_api.cc

@@ -344,6 +344,12 @@
                      BNEP_MTU_SIZE);
     osi_free(p_buf);
     return (BNEP_MTU_EXCEDED);
+  } else if (p_buf->len < 2) {
+    BNEP_TRACE_ERROR("%s length %d too short, must be at least 2", __func__,
+                     p_buf->len);
+    osi_free(p_buf);
+    return BNEP_IGNORE_CMD;
+
   }
 
   /* Check if the packet should be filtered out */
@@ -445,6 +451,11 @@
     BNEP_TRACE_ERROR("%s length %d exceeded MTU %d", __func__, len,
                      BNEP_MTU_SIZE);
     return (BNEP_MTU_EXCEDED);
+  } else if (len < 2) {
+    BNEP_TRACE_ERROR("%s length %d too short, must be at least 2", __func__,
+                     len);
+    return BNEP_IGNORE_CMD;
+
   }
 
   if ((!handle) || (handle > BNEP_MAX_CONNECTIONS)) return (BNEP_WRONG_HANDLE);