From f105455ebe6930c5004d46ffdc996aafa18fc593 Mon Sep 17 00:00:00 2001 From: Lingao Meng Date: Thu, 10 Dec 2020 22:28:56 -0800 Subject: [PATCH] Bluetooth: Mesh: Fix overflow of ivu_duration value Bluetooth Mesh require minimum limit time to enter iv update state or return to iv nornal state. For Zephyr bluetooth mesh implementation, use`ivu_duration` type `uint8_t` to represent current time, but if the time is more than 255 hours, there will be problems due to the overflow of 8-bit unassigned variables. Signed-off-by: Lingao Meng --- subsys/bluetooth/mesh/net.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/subsys/bluetooth/mesh/net.c b/subsys/bluetooth/mesh/net.c index 618f41c341f..48d41811ebb 100644 --- a/subsys/bluetooth/mesh/net.c +++ b/subsys/bluetooth/mesh/net.c @@ -803,7 +803,8 @@ void bt_mesh_net_recv(struct net_buf_simple *data, int8_t rssi, static void ivu_refresh(struct k_work *work) { - bt_mesh.ivu_duration += BT_MESH_IVU_HOURS; + bt_mesh.ivu_duration = MIN(UINT8_MAX, + bt_mesh.ivu_duration + BT_MESH_IVU_HOURS); BT_DBG("%s for %u hour%s", atomic_test_bit(bt_mesh.flags, BT_MESH_IVU_IN_PROGRESS) ?