bartoszek/zephyr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0d9654670f
zephyr/subsys/bluetooth/controller/ll_sw
History
Alberto Escolar Piedras 08f6532b67 Bluetooth: Controller: Fix corruption during BIG_CHANNEL_MAP_IND 
radio_pkt_big_ctrl_get() returns a statically allocated
buffer of type pdu_big_ctrl, but the callers expect a
buffer where a whole PDU for a BIG control packet can fit
(not just space for the payload),
and use it as such, overflowing this statically
allocated buffer, and smashing other variables after.

Let's fix it by allocating a buffer of the correct size
to fit a BIG control PDU.

Fixes https://github.com/zephyrproject-rtos/zephyr/issues/64497

Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
2023-10-30 18:36:39 +01:00
..
nordic Bluetooth: Controller: Fix corruption during BIG_CHANNEL_MAP_IND 2023-10-30 18:36:39 +01:00
openisa Bluetooth: Controller: Make aa in radio_aa_set const 2023-10-05 15:25:09 +02:00
isoal.c Bluetooth: Controller: Add hdl checks in isoal.c 2023-10-05 15:25:17 +02:00
isoal.h Bluetooth: Controller: ISO-AL validation and selection of TX time stamps 2023-09-18 14:35:42 +02:00
ll_addr.c Bluetooth: Rework the HCI header set 2023-06-12 06:20:24 -04:00
ll_feat_internal.h Bluetooth: Controller: Fix missing host feature reset 2023-09-25 16:42:20 +02:00
ll_feat.c Bluetooth: Controller: Fix missing host feature reset 2023-09-25 16:42:20 +02:00
ll_settings.c Bluetooth: Controller: Rework internal header includes 2023-06-12 06:20:24 -04:00
ll_test.h
ll_tx_pwr.c Bluetooth: Rework the HCI header set 2023-06-12 06:20:24 -04:00
lll_adv_aux.h Bluetooth: Controller: Extended Advertising using ticker expire info 2023-05-05 12:26:31 +02:00
lll_adv_iso.h Bluetooth: Controller: Extended Advertising using ticker expire info 2023-05-05 12:26:31 +02:00
lll_adv_sync.h Bluetooth: Controller: Review rework changes for multiple CIS support 2023-05-05 12:26:31 +02:00
lll_adv.h Bluetooth: Controller: Extended Advertising using ticker expire info 2023-05-05 12:26:31 +02:00
lll_central_iso.h
lll_central.h
lll_chan.c Bluetooth: Controller: Remove redudant header file includes 2023-06-29 17:15:48 +02:00
lll_chan.h Bluetooth: Controller: Review rework changes for multiple CIS support 2023-05-05 12:26:31 +02:00
lll_clock.h
lll_common.c Bluetooth: Controller: Add LL_ASSERT_OVERHEAD define 2023-06-29 17:16:47 +02:00
lll_conn_iso.h Bluetooth: Controller: Review rework flush timeout support 2023-10-02 10:00:27 +02:00
lll_conn.h
lll_df.h
lll_filter.h Bluetooth: Controller: Add trpa cache for BT_CTLR_SW_DEFERRED_PRIVACY 2023-08-29 16:13:22 +02:00
lll_iso_tx.h
lll_peripheral_iso.h
lll_peripheral.h
lll_scan_aux.h
lll_scan.h
lll_sched.h
lll_sync_iso.h Bluetooth: Controller: Fix BIS payload sliding window overrun check 2023-09-27 15:48:38 +02:00
lll_sync.h
lll.h Bluetooth: Controller: Remove separate done memq 2023-08-02 16:39:45 +02:00
nrf.cmake
openisa.cmake
pdu_df.h
pdu.h Bluetooth: Controller: Fix endianness issues for SyncInfo 2023-10-20 15:05:20 +02:00
ull_adv_aux.c Bluetooth: controller: change calc for data in PDU 2023-10-06 16:04:11 +03:00
ull_adv_internal.h Bluetooth: Controller: Use max time when scheduling Broadcast ISO 2023-09-21 12:49:48 +02:00
ull_adv_iso.c Bluetooth: Controller: Use max time when scheduling Broadcast ISO 2023-09-21 12:49:48 +02:00
ull_adv_sync.c Bluetooth: Controller: Fix endianness issues for SyncInfo 2023-10-20 15:05:20 +02:00
ull_adv_types.h Bluetooth: Controller: Fix read ISO Tx Sync for Broadcast ISO 2023-06-08 06:47:48 -04:00
ull_adv.c Bluetooth: Controller: Fix LE Set Ext Adv Param Cmd invalid status 2023-09-19 15:26:32 +01:00
ull_central_internal.h
ull_central_iso_internal.h Bluetooth: Controller: Central multiple CIS using advanced scheduling 2023-05-05 12:26:31 +02:00
ull_central_iso.c Bluetooth: Controller: Option to ignore Tx ISO Data Packet Seq Num 2023-10-02 10:00:27 +02:00
ull_central.c Bluetooth: Controller: Remove unused terminate_ack 2023-10-04 10:08:07 +02:00
ull_chan_internal.h
ull_chan.c
ull_conn_internal.h Bluetooth: Controller: Remove separate done memq 2023-08-02 16:39:45 +02:00
ull_conn_iso_internal.h Bluetooth: controller: Fix CIS peripheral conditional offset_min 2023-06-17 07:48:01 -04:00
ull_conn_iso_types.h Bluetooth: Controller: Option to ignore Tx ISO Data Packet Seq Num 2023-10-02 10:00:27 +02:00
ull_conn_iso.c Bluetooth: Controller: Add BT_CTLR_EVENT_OVERHEAD_RESERVE_MAX Kconfig 2023-09-27 15:47:45 +02:00
ull_conn_types.h Bluetooth: Controller: Remove unused terminate_ack 2023-10-04 10:08:07 +02:00
ull_conn.c Bluetooth: Controller: Avoid division by 0 with BT_CTLR_THROUGHPUT 2023-10-30 10:49:51 +01:00
ull_df_internal.h
ull_df_types.h
ull_df.c Bluetooth: Rework the HCI header set 2023-06-12 06:20:24 -04:00
ull_filter.c Bluetooth: Controller: Add trpa cache for BT_CTLR_SW_DEFERRED_PRIVACY 2023-08-29 16:13:22 +02:00
ull_filter.h
ull_internal.h Bluetooth: Controller: Rework internal header includes 2023-06-12 06:20:24 -04:00
ull_iso_internal.h
ull_iso_types.h Bluetooth: controller: fix comparision of unsigned int to 0 2023-10-05 15:24:54 +02:00
ull_iso.c Bluetooth: Controll: Fix dead code in ll_setup_iso_path 2023-10-04 14:52:54 +01:00
ull_llcp_cc.c Bluetooth: controller: adding API for unmasking peer features 2023-09-28 14:05:00 +02:00
ull_llcp_chmu.c Bluetooth: Controller: Rework internal header includes 2023-06-12 06:20:24 -04:00
ull_llcp_common.c Bluetooth: controller: Modify reason for local CIS_TERMINATE procedure 2023-08-21 15:11:48 +02:00
ull_llcp_conn_upd.c Bluetooth: Controller: Rework internal header includes 2023-06-12 06:20:24 -04:00
ull_llcp_enc.c Bluetooth: controller: Fix LLCP enc. execution ctx 2023-08-30 10:22:15 +02:00
ull_llcp_features.h Bluetooth: controller: adding API for unmasking peer features 2023-09-28 14:05:00 +02:00
ull_llcp_internal.h Bluetooth: controller: Fixes for CIS Central error handling 2023-08-23 14:45:24 +02:00
ull_llcp_local.c Bluetooth: Controller: Rework internal header includes 2023-06-12 06:20:24 -04:00
ull_llcp_pdu.c Bluetooth: controller: Use mayfly_is_running() in csrand_get() 2023-08-09 08:32:55 +00:00
ull_llcp_phy.c Bluetooth: Controller: Rework internal header includes 2023-06-12 06:20:24 -04:00
ull_llcp_remote.c Bluetooth: Controller: Rework internal header includes 2023-06-12 06:20:24 -04:00
ull_llcp.c Bluetooth: controller: Fixes for CIS Central error handling 2023-08-23 14:45:24 +02:00
ull_llcp.h Bluetooth: controller: Fixes for CIS Central error handling 2023-08-23 14:45:24 +02:00
ull_peripheral_internal.h
ull_peripheral_iso_internal.h
ull_peripheral_iso.c Bluetooth: Controller: Option to ignore Tx ISO Data Packet Seq Num 2023-10-02 10:00:27 +02:00
ull_peripheral.c Bluetooth: Controller: Add BT_CTLR_EVENT_OVERHEAD_RESERVE_MAX Kconfig 2023-09-27 15:47:45 +02:00
ull_scan_aux.c Bluetooth: Controller: Fix periodic advertising sync window 2023-10-24 15:12:18 +02:00
ull_scan_internal.h
ull_scan_types.h
ull_scan.c Bluetooth: Controller: Fix ticks_slot_window use in Observer 2023-09-21 09:27:15 +02:00
ull_sched_internal.h Bluetooth: Controller: Central multiple CIS using advanced scheduling 2023-05-05 12:26:31 +02:00
ull_sched.c Bluetooth: Controller: ISO: Fix compile issue with unicast 2023-09-28 13:12:19 +02:00
ull_sync_internal.h
ull_sync_iso_internal.h
ull_sync_iso.c Bluetooth: Controller: Fix BIS payload sliding window overrun check 2023-09-27 15:48:38 +02:00
ull_sync_types.h
ull_sync.c Bluetooth: Controller: Fix endianness issues for SyncInfo 2023-10-20 15:05:20 +02:00
ull_tx_queue.c Bluetooth: Controller: Rework internal header includes 2023-06-12 06:20:24 -04:00
ull_tx_queue.h Bluetooth: Controller: Rework internal header includes 2023-06-12 06:20:24 -04:00
ull.c Bluetooth: Controller: Fix num cmplt for BIS HCI ISO Data fragments 2023-10-02 11:36:33 +02:00