mirror of
https://github.com/espressif/esp-idf.git
synced 2026-04-27 19:13:21 +00:00
fix(bt): fix A2DP bta component issues reported by AI review
This commit is contained in:
yangfeng
@@ -146,10 +146,11 @@ void bta_ar_dereg_avdt(tBTA_SYS_ID sys_id)
|
|||||||
bta_ar_cb.p_avk_conn_cback = NULL;
|
bta_ar_cb.p_avk_conn_cback = NULL;
|
||||||
mask = BTA_AR_AVK_MASK;
|
mask = BTA_AR_AVK_MASK;
|
||||||
}
|
}
|
||||||
bta_ar_cb.avdt_registered &= ~mask;
|
if (mask) {
|
||||||
|
bta_ar_cb.avdt_registered &= ~mask;
|
||||||
if (bta_ar_cb.avdt_registered == 0) {
|
if (bta_ar_cb.avdt_registered == 0) {
|
||||||
AVDT_Deregister();
|
AVDT_Deregister();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -170,6 +171,7 @@ void bta_ar_avdt_conn(tBTA_SYS_ID sys_id, BD_ADDR bd_addr)
|
|||||||
UINT8 event = BTA_AR_AVDT_CONN_EVT;
|
UINT8 event = BTA_AR_AVDT_CONN_EVT;
|
||||||
tAVDT_CTRL data;
|
tAVDT_CTRL data;
|
||||||
|
|
||||||
|
memset(&data, 0, sizeof(tAVDT_CTRL));
|
||||||
if (sys_id == BTA_ID_AV) {
|
if (sys_id == BTA_ID_AV) {
|
||||||
if (bta_ar_cb.p_avk_conn_cback) {
|
if (bta_ar_cb.p_avk_conn_cback) {
|
||||||
(*bta_ar_cb.p_avk_conn_cback)(0, bd_addr, event, &data);
|
(*bta_ar_cb.p_avk_conn_cback)(0, bd_addr, event, &data);
|
||||||
@@ -215,10 +217,11 @@ void bta_ar_dereg_avct(tBTA_SYS_ID sys_id)
|
|||||||
{
|
{
|
||||||
UINT8 mask = bta_ar_id (sys_id);
|
UINT8 mask = bta_ar_id (sys_id);
|
||||||
|
|
||||||
bta_ar_cb.avct_registered &= ~mask;
|
if (mask) {
|
||||||
|
bta_ar_cb.avct_registered &= ~mask;
|
||||||
if (bta_ar_cb.avct_registered == 0) {
|
if (bta_ar_cb.avct_registered == 0) {
|
||||||
AVCT_Deregister();
|
AVCT_Deregister();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -299,12 +302,12 @@ void bta_ar_dereg_avrc(UINT16 service_uuid, tBTA_SYS_ID sys_id)
|
|||||||
bta_ar_cb.ct_categories [mask - 1] = 0;
|
bta_ar_cb.ct_categories [mask - 1] = 0;
|
||||||
categories = bta_ar_cb.ct_categories[0] | bta_ar_cb.ct_categories[1];
|
categories = bta_ar_cb.ct_categories[0] | bta_ar_cb.ct_categories[1];
|
||||||
if (!categories) {
|
if (!categories) {
|
||||||
/* no CT is still registered - cleaup */
|
/* no CT is still registered - cleanup */
|
||||||
SDP_DeleteRecord(bta_ar_cb.sdp_ct_handle);
|
SDP_DeleteRecord(bta_ar_cb.sdp_ct_handle);
|
||||||
bta_ar_cb.sdp_ct_handle = 0;
|
bta_ar_cb.sdp_ct_handle = 0;
|
||||||
bta_sys_remove_uuid(service_uuid);
|
bta_sys_remove_uuid(service_uuid);
|
||||||
} else {
|
} else {
|
||||||
/* change supported categories to the remaning one */
|
/* change supported categories to the remaining one */
|
||||||
p = temp;
|
p = temp;
|
||||||
UINT16_TO_BE_STREAM(p, categories);
|
UINT16_TO_BE_STREAM(p, categories);
|
||||||
SDP_AddAttribute(bta_ar_cb.sdp_ct_handle, ATTR_ID_SUPPORTED_FEATURES, UINT_DESC_TYPE,
|
SDP_AddAttribute(bta_ar_cb.sdp_ct_handle, ATTR_ID_SUPPORTED_FEATURES, UINT_DESC_TYPE,
|
||||||
|
|||||||
@@ -522,6 +522,11 @@ static void bta_av_proc_stream_evt(UINT8 handle, BD_ADDR bd_addr, UINT8 event, t
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* look up application event */
|
/* look up application event */
|
||||||
|
/* bounds check to avoid out-of-bounds read */
|
||||||
|
if (event >= sizeof(bta_av_stream_evt_ok) / sizeof(bta_av_stream_evt_ok[0])) {
|
||||||
|
osi_free(p_msg);
|
||||||
|
return;
|
||||||
|
}
|
||||||
if ((p_data == NULL) || (p_data->hdr.err_code == 0)) {
|
if ((p_data == NULL) || (p_data->hdr.err_code == 0)) {
|
||||||
p_msg->hdr.event = bta_av_stream_evt_ok[event];
|
p_msg->hdr.event = bta_av_stream_evt_ok[event];
|
||||||
if (p_msg->hdr.event == BTA_AV_STR_START_OK_EVT) {
|
if (p_msg->hdr.event == BTA_AV_STR_START_OK_EVT) {
|
||||||
@@ -582,7 +587,7 @@ void bta_av_stream_data_cback(UINT8 handle, BT_HDR *p_pkt, UINT32 time_stamp, UI
|
|||||||
/* Get SCB and correct sep type*/
|
/* Get SCB and correct sep type*/
|
||||||
for (index = 0; index < BTA_AV_NUM_STRS; index ++ ) {
|
for (index = 0; index < BTA_AV_NUM_STRS; index ++ ) {
|
||||||
p_scb = bta_av_cb.p_scb[index];
|
p_scb = bta_av_cb.p_scb[index];
|
||||||
if ((p_scb->avdt_handle == handle) && (p_scb->seps[p_scb->sep_idx].tsep == AVDT_TSEP_SNK)) {
|
if (p_scb && (p_scb->avdt_handle == handle) && (p_scb->seps[p_scb->sep_idx].tsep == AVDT_TSEP_SNK)) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -731,6 +736,7 @@ static void bta_av_a2d_sdp_cback(BOOLEAN found, tA2D_Service *p_service)
|
|||||||
bta_sys_sendmsg(p_msg);
|
bta_sys_sendmsg(p_msg);
|
||||||
} else {
|
} else {
|
||||||
APPL_TRACE_ERROR ("bta_av_a2d_sdp_cback, no scb found for handle(0x%x)", bta_av_cb.handle);
|
APPL_TRACE_ERROR ("bta_av_a2d_sdp_cback, no scb found for handle(0x%x)", bta_av_cb.handle);
|
||||||
|
osi_free(p_msg);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1643,7 +1649,7 @@ void bta_av_disc_results (tBTA_AV_SCB *p_scb, tBTA_AV_DATA *p_data)
|
|||||||
p_data->str_msg.msg.discover_cfm.p_sep_info[i].tsep
|
p_data->str_msg.msg.discover_cfm.p_sep_info[i].tsep
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
for (i = 0; i < p_scb->num_seps; i++) {
|
for (i = 0; i < num_seps; i++) {
|
||||||
/* steam not in use, is a sink, and is audio */
|
/* steam not in use, is a sink, and is audio */
|
||||||
if ((p_scb->sep_info[i].in_use == FALSE) &&
|
if ((p_scb->sep_info[i].in_use == FALSE) &&
|
||||||
(p_scb->sep_info[i].media_type == p_scb->media_type)) {
|
(p_scb->sep_info[i].media_type == p_scb->media_type)) {
|
||||||
@@ -1883,6 +1889,11 @@ void bta_av_getcap_results (tBTA_AV_SCB *p_scb, tBTA_AV_DATA *p_data)
|
|||||||
UINT16 uuid_int; /* UUID for which connection was initiated */
|
UINT16 uuid_int; /* UUID for which connection was initiated */
|
||||||
tBTA_AV_SNK_PSC_CFG psc_cfg = {0};
|
tBTA_AV_SNK_PSC_CFG psc_cfg = {0};
|
||||||
|
|
||||||
|
if (p_scb->p_cap == NULL) {
|
||||||
|
APPL_TRACE_ERROR("bta_av_getcap_results: p_cap is NULL");
|
||||||
|
bta_av_ssm_execute(p_scb, BTA_AV_STR_GETCAP_FAIL_EVT, p_data);
|
||||||
|
return;
|
||||||
|
}
|
||||||
memcpy(&cfg, &p_scb->cfg, sizeof(tAVDT_CFG));
|
memcpy(&cfg, &p_scb->cfg, sizeof(tAVDT_CFG));
|
||||||
cfg.num_codec = 1;
|
cfg.num_codec = 1;
|
||||||
cfg.num_protect = p_scb->p_cap->num_protect;
|
cfg.num_protect = p_scb->p_cap->num_protect;
|
||||||
@@ -2178,9 +2189,9 @@ void bta_av_reconfig (tBTA_AV_SCB *p_scb, tBTA_AV_DATA *p_data)
|
|||||||
bta_sys_stop_timer(&p_scb->timer);
|
bta_sys_stop_timer(&p_scb->timer);
|
||||||
|
|
||||||
memcpy(p_cfg, &p_scb->cfg, sizeof(tAVDT_CFG));
|
memcpy(p_cfg, &p_scb->cfg, sizeof(tAVDT_CFG));
|
||||||
p_cfg->num_protect = p_rcfg->num_protect;
|
p_cfg->num_protect = (p_rcfg->num_protect <= AVDT_PROTECT_SIZE) ? p_rcfg->num_protect : AVDT_PROTECT_SIZE;
|
||||||
memcpy(p_cfg->codec_info, p_rcfg->codec_info, AVDT_CODEC_SIZE);
|
memcpy(p_cfg->codec_info, p_rcfg->codec_info, AVDT_CODEC_SIZE);
|
||||||
memcpy(p_cfg->protect_info, p_rcfg->p_protect_info, p_rcfg->num_protect);
|
memcpy(p_cfg->protect_info, p_rcfg->p_protect_info, p_cfg->num_protect);
|
||||||
p_scb->rcfg_idx = p_rcfg->sep_info_idx;
|
p_scb->rcfg_idx = p_rcfg->sep_info_idx;
|
||||||
p_scb->p_cap->psc_mask = p_scb->cur_psc_mask;
|
p_scb->p_cap->psc_mask = p_scb->cur_psc_mask;
|
||||||
|
|
||||||
@@ -2393,7 +2404,12 @@ void bta_av_start_ok (tBTA_AV_SCB *p_scb, tBTA_AV_DATA *p_data)
|
|||||||
* If the code were to be re-arranged for some reasons, this number may need to be changed
|
* If the code were to be re-arranged for some reasons, this number may need to be changed
|
||||||
*/
|
*/
|
||||||
p_scb->co_started = bta_av_cb.audio_open_cnt;
|
p_scb->co_started = bta_av_cb.audio_open_cnt;
|
||||||
flush_to = p_bta_av_cfg->p_audio_flush_to[p_scb->co_started - 1];
|
if (p_scb->co_started > 0) {
|
||||||
|
flush_to = p_bta_av_cfg->p_audio_flush_to[p_scb->co_started - 1];
|
||||||
|
} else {
|
||||||
|
APPL_TRACE_ERROR("bta_av_start_ok: co_started is 0");
|
||||||
|
flush_to = p_bta_av_cfg->p_audio_flush_to[0];
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
flush_to = p_bta_av_cfg->video_flush_to;
|
flush_to = p_bta_av_cfg->video_flush_to;
|
||||||
}
|
}
|
||||||
@@ -2785,7 +2801,11 @@ void bta_av_suspend_cont (tBTA_AV_SCB *p_scb, tBTA_AV_DATA *p_data)
|
|||||||
if (AVDT_ERR_CONNECT == err_code) {
|
if (AVDT_ERR_CONNECT == err_code) {
|
||||||
/* report failure */
|
/* report failure */
|
||||||
evt.status = BTA_AV_FAIL;
|
evt.status = BTA_AV_FAIL;
|
||||||
(*bta_av_cb.p_cback)(BTA_AV_RECONFIG_EVT, (tBTA_AV *)&evt);
|
evt.chnl = p_scb->chnl;
|
||||||
|
evt.hndl = p_scb->hndl;
|
||||||
|
if (bta_av_cb.p_cback) {
|
||||||
|
(*bta_av_cb.p_cback)(BTA_AV_RECONFIG_EVT, (tBTA_AV *)&evt);
|
||||||
|
}
|
||||||
bta_av_ssm_execute(p_scb, BTA_AV_STR_DISC_FAIL_EVT, NULL);
|
bta_av_ssm_execute(p_scb, BTA_AV_STR_DISC_FAIL_EVT, NULL);
|
||||||
} else {
|
} else {
|
||||||
APPL_TRACE_ERROR("suspend rejected, try close");
|
APPL_TRACE_ERROR("suspend rejected, try close");
|
||||||
@@ -2801,9 +2821,18 @@ void bta_av_suspend_cont (tBTA_AV_SCB *p_scb, tBTA_AV_DATA *p_data)
|
|||||||
} else {
|
} else {
|
||||||
APPL_TRACE_DEBUG("bta_av_suspend_cont calling AVDT_ReconfigReq");
|
APPL_TRACE_DEBUG("bta_av_suspend_cont calling AVDT_ReconfigReq");
|
||||||
/* reconfig the stream */
|
/* reconfig the stream */
|
||||||
|
if (p_scb->p_cap == NULL) {
|
||||||
AVDT_ReconfigReq(p_scb->avdt_handle, p_scb->p_cap);
|
evt.status = BTA_AV_FAIL;
|
||||||
p_scb->p_cap->psc_mask = p_scb->cur_psc_mask;
|
evt.chnl = p_scb->chnl;
|
||||||
|
evt.hndl = p_scb->hndl;
|
||||||
|
if (bta_av_cb.p_cback) {
|
||||||
|
(*bta_av_cb.p_cback)(BTA_AV_RECONFIG_EVT, (tBTA_AV *)&evt);
|
||||||
|
}
|
||||||
|
bta_av_ssm_execute(p_scb, BTA_AV_STR_DISC_FAIL_EVT, NULL);
|
||||||
|
} else {
|
||||||
|
AVDT_ReconfigReq(p_scb->avdt_handle, p_scb->p_cap);
|
||||||
|
p_scb->p_cap->psc_mask = p_scb->cur_psc_mask;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -298,12 +298,18 @@ UINT8 bta_av_rc_create(tBTA_AV_CB *p_cb, UINT8 role, UINT8 shdl, UINT8 lidx)
|
|||||||
tAVRC_CONN_CB ccb;
|
tAVRC_CONN_CB ccb;
|
||||||
BD_ADDR_PTR bda = (BD_ADDR_PTR)bd_addr_any;
|
BD_ADDR_PTR bda = (BD_ADDR_PTR)bd_addr_any;
|
||||||
UINT8 status = BTA_AV_RC_ROLE_ACP;
|
UINT8 status = BTA_AV_RC_ROLE_ACP;
|
||||||
tBTA_AV_SCB *p_scb = p_cb->p_scb[shdl - 1];
|
tBTA_AV_SCB *p_scb = NULL;
|
||||||
int i;
|
int i;
|
||||||
UINT8 rc_handle;
|
UINT8 rc_handle;
|
||||||
tBTA_AV_RCB *p_rcb;
|
tBTA_AV_RCB *p_rcb;
|
||||||
|
|
||||||
|
if (shdl > 0 && shdl <= BTA_AV_NUM_STRS) {
|
||||||
|
p_scb = p_cb->p_scb[shdl - 1];
|
||||||
|
}
|
||||||
if (role == AVCT_INT) {
|
if (role == AVCT_INT) {
|
||||||
|
if (p_scb == NULL) {
|
||||||
|
return BTA_AV_RC_HANDLE_NONE;
|
||||||
|
}
|
||||||
bda = p_scb->peer_addr;
|
bda = p_scb->peer_addr;
|
||||||
status = BTA_AV_RC_ROLE_INT;
|
status = BTA_AV_RC_ROLE_INT;
|
||||||
} else {
|
} else {
|
||||||
@@ -325,6 +331,11 @@ UINT8 bta_av_rc_create(tBTA_AV_CB *p_cb, UINT8 role, UINT8 shdl, UINT8 lidx)
|
|||||||
return BTA_AV_RC_HANDLE_NONE;
|
return BTA_AV_RC_HANDLE_NONE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (rc_handle >= BTA_AV_NUM_RCB) {
|
||||||
|
APPL_TRACE_ERROR("bta_av_rc_create: EINVAL rc_handle %u", rc_handle);
|
||||||
|
AVRC_Close(rc_handle);
|
||||||
|
return BTA_AV_RC_HANDLE_NONE;
|
||||||
|
}
|
||||||
i = rc_handle;
|
i = rc_handle;
|
||||||
p_rcb = &p_cb->rcb[i];
|
p_rcb = &p_cb->rcb[i];
|
||||||
|
|
||||||
@@ -834,7 +845,7 @@ void bta_av_rc_msg(tBTA_AV_CB *p_cb, tBTA_AV_DATA *p_data)
|
|||||||
tBTA_AV av;
|
tBTA_AV av;
|
||||||
BT_HDR *p_pkt = NULL;
|
BT_HDR *p_pkt = NULL;
|
||||||
tAVRC_MSG_VENDOR *p_vendor = &p_data->rc_msg.msg.vendor;
|
tAVRC_MSG_VENDOR *p_vendor = &p_data->rc_msg.msg.vendor;
|
||||||
BOOLEAN is_inquiry = ((p_data->rc_msg.msg.hdr.ctype == AVRC_CMD_SPEC_INQ) || p_data->rc_msg.msg.hdr.ctype == AVRC_CMD_GEN_INQ);
|
BOOLEAN is_inquiry = ((p_data->rc_msg.msg.hdr.ctype == AVRC_CMD_SPEC_INQ) || (p_data->rc_msg.msg.hdr.ctype == AVRC_CMD_GEN_INQ));
|
||||||
#if (AVRC_METADATA_INCLUDED == TRUE)
|
#if (AVRC_METADATA_INCLUDED == TRUE)
|
||||||
UINT8 ctype = 0;
|
UINT8 ctype = 0;
|
||||||
tAVRC_RESPONSE rc_rsp;
|
tAVRC_RESPONSE rc_rsp;
|
||||||
@@ -936,7 +947,9 @@ void bta_av_rc_msg(tBTA_AV_CB *p_cb, tBTA_AV_DATA *p_data)
|
|||||||
/* else if not configured to support vendor specific and it's a command */
|
/* else if not configured to support vendor specific and it's a command */
|
||||||
else if (!(p_cb->features & BTA_AV_FEAT_VENDOR) &&
|
else if (!(p_cb->features & BTA_AV_FEAT_VENDOR) &&
|
||||||
p_data->rc_msg.msg.hdr.ctype <= AVRC_CMD_GEN_INQ) {
|
p_data->rc_msg.msg.hdr.ctype <= AVRC_CMD_GEN_INQ) {
|
||||||
if (p_data->rc_msg.msg.vendor.p_vendor_data[0] == AVRC_PDU_INVALID) {
|
if (p_data->rc_msg.msg.vendor.p_vendor_data != NULL &&
|
||||||
|
p_data->rc_msg.msg.vendor.vendor_len >= 5 &&
|
||||||
|
p_data->rc_msg.msg.vendor.p_vendor_data[0] == AVRC_PDU_INVALID) {
|
||||||
/* reject it */
|
/* reject it */
|
||||||
p_data->rc_msg.msg.hdr.ctype = BTA_AV_RSP_REJ;
|
p_data->rc_msg.msg.hdr.ctype = BTA_AV_RSP_REJ;
|
||||||
p_data->rc_msg.msg.vendor.p_vendor_data[4] = AVRC_STS_BAD_CMD;
|
p_data->rc_msg.msg.vendor.p_vendor_data[4] = AVRC_STS_BAD_CMD;
|
||||||
@@ -1704,11 +1717,16 @@ void bta_av_rc_disc_done(tBTA_AV_DATA *p_data)
|
|||||||
/* cannot create valid rc_handle for current device. report failure */
|
/* cannot create valid rc_handle for current device. report failure */
|
||||||
APPL_TRACE_ERROR("%s: no link resources available", __func__);
|
APPL_TRACE_ERROR("%s: no link resources available", __func__);
|
||||||
p_scb->use_rc = FALSE;
|
p_scb->use_rc = FALSE;
|
||||||
|
rc_open.rc_handle = BTA_AV_RC_HANDLE_NONE;
|
||||||
bdcpy(rc_open.peer_addr, p_scb->peer_addr);
|
bdcpy(rc_open.peer_addr, p_scb->peer_addr);
|
||||||
rc_open.peer_features = 0;
|
rc_open.peer_features = 0;
|
||||||
|
rc_open.peer_ct_features = 0;
|
||||||
|
rc_open.peer_tg_features = 0;
|
||||||
rc_open.sdp_disc_done = FALSE;
|
rc_open.sdp_disc_done = FALSE;
|
||||||
rc_open.status = BTA_AV_FAIL_SDP;
|
rc_open.status = BTA_AV_FAIL_SDP;
|
||||||
(*p_cb->p_cback)(BTA_AV_RC_OPEN_EVT, (tBTA_AV *) &rc_open);
|
if (p_cb->p_cback) {
|
||||||
|
(*p_cb->p_cback)(BTA_AV_RC_OPEN_EVT, (tBTA_AV *) &rc_open);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#if (BT_USE_TRACES == TRUE || BT_TRACE_APPL == TRUE)
|
#if (BT_USE_TRACES == TRUE || BT_TRACE_APPL == TRUE)
|
||||||
@@ -1719,11 +1737,16 @@ void bta_av_rc_disc_done(tBTA_AV_DATA *p_data)
|
|||||||
} else if (p_scb->use_rc) {
|
} else if (p_scb->use_rc) {
|
||||||
/* can not find AVRC on peer device. report failure */
|
/* can not find AVRC on peer device. report failure */
|
||||||
p_scb->use_rc = FALSE;
|
p_scb->use_rc = FALSE;
|
||||||
|
rc_open.rc_handle = BTA_AV_RC_HANDLE_NONE;
|
||||||
bdcpy(rc_open.peer_addr, p_scb->peer_addr);
|
bdcpy(rc_open.peer_addr, p_scb->peer_addr);
|
||||||
rc_open.peer_features = 0;
|
rc_open.peer_features = 0;
|
||||||
|
rc_open.peer_ct_features = 0;
|
||||||
|
rc_open.peer_tg_features = 0;
|
||||||
rc_open.sdp_disc_done = FALSE;
|
rc_open.sdp_disc_done = FALSE;
|
||||||
rc_open.status = BTA_AV_FAIL_SDP;
|
rc_open.status = BTA_AV_FAIL_SDP;
|
||||||
(*p_cb->p_cback)(BTA_AV_RC_OPEN_EVT, (tBTA_AV *) &rc_open);
|
if (p_cb->p_cback) {
|
||||||
|
(*p_cb->p_cback)(BTA_AV_RC_OPEN_EVT, (tBTA_AV *) &rc_open);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
@@ -1737,7 +1760,9 @@ void bta_av_rc_disc_done(tBTA_AV_DATA *p_data)
|
|||||||
rc_feat.peer_features = peer_features;
|
rc_feat.peer_features = peer_features;
|
||||||
rc_feat.peer_ct_features = peer_ct_features;
|
rc_feat.peer_ct_features = peer_ct_features;
|
||||||
rc_feat.peer_tg_features = peer_tg_features;
|
rc_feat.peer_tg_features = peer_tg_features;
|
||||||
(*p_cb->p_cback)(BTA_AV_RC_FEAT_EVT, (tBTA_AV *) &rc_feat);
|
if (p_cb->p_cback) {
|
||||||
|
(*p_cb->p_cback)(BTA_AV_RC_FEAT_EVT, (tBTA_AV *) &rc_feat);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1866,12 +1891,17 @@ void bta_av_rc_disc(UINT8 disc)
|
|||||||
if ((disc & BTA_AV_CHNL_MSK) == BTA_AV_CHNL_MSK) {
|
if ((disc & BTA_AV_CHNL_MSK) == BTA_AV_CHNL_MSK) {
|
||||||
/* this is the rc handle/index to tBTA_AV_RCB */
|
/* this is the rc handle/index to tBTA_AV_RCB */
|
||||||
rc_handle = disc & (~BTA_AV_CHNL_MSK);
|
rc_handle = disc & (~BTA_AV_CHNL_MSK);
|
||||||
if (p_cb->rcb[rc_handle].lidx) {
|
if (rc_handle < BTA_AV_NUM_RCB && p_cb->rcb[rc_handle].lidx > 0 &&
|
||||||
|
p_cb->rcb[rc_handle].lidx <= (BTA_AV_NUM_LINKS + 1)) {
|
||||||
p_addr = p_cb->lcb[p_cb->rcb[rc_handle].lidx - 1].addr;
|
p_addr = p_cb->lcb[p_cb->rcb[rc_handle].lidx - 1].addr;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
hdi = (disc & BTA_AV_HNDL_MSK) - 1;
|
hdi = (disc & BTA_AV_HNDL_MSK);
|
||||||
p_scb = p_cb->p_scb[hdi];
|
if (hdi > 0 && (hdi - 1) < BTA_AV_NUM_STRS) {
|
||||||
|
p_scb = p_cb->p_scb[hdi - 1];
|
||||||
|
} else {
|
||||||
|
p_scb = NULL;
|
||||||
|
}
|
||||||
|
|
||||||
if (p_scb) {
|
if (p_scb) {
|
||||||
APPL_TRACE_DEBUG("rc_handle %d", p_scb->rc_handle);
|
APPL_TRACE_DEBUG("rc_handle %d", p_scb->rc_handle);
|
||||||
|
|||||||
@@ -117,6 +117,7 @@ void BTA_AvRegister(tBTA_AV_CHNL chnl, const char *p_service_name, UINT8 app_id,
|
|||||||
p_buf->hdr.event = BTA_AV_API_REGISTER_EVT;
|
p_buf->hdr.event = BTA_AV_API_REGISTER_EVT;
|
||||||
if (p_service_name) {
|
if (p_service_name) {
|
||||||
BCM_STRNCPY_S(p_buf->p_service_name, p_service_name, BTA_SERVICE_NAME_LEN);
|
BCM_STRNCPY_S(p_buf->p_service_name, p_service_name, BTA_SERVICE_NAME_LEN);
|
||||||
|
p_buf->p_service_name[BTA_SERVICE_NAME_LEN] = '\0';
|
||||||
} else {
|
} else {
|
||||||
p_buf->p_service_name[0] = '\0';
|
p_buf->p_service_name[0] = '\0';
|
||||||
}
|
}
|
||||||
@@ -133,6 +134,9 @@ void BTA_AvRegSEP(tBTA_AV_CHNL chnl, UINT8 seid, UINT8 tsep, tBTA_AV_CODEC codec
|
|||||||
{
|
{
|
||||||
tBTA_AV_API_REG_SEP *p_buf;
|
tBTA_AV_API_REG_SEP *p_buf;
|
||||||
|
|
||||||
|
if (p_codec_info == NULL) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
if ((p_buf = (tBTA_AV_API_REG_SEP *) osi_malloc(sizeof(tBTA_AV_API_REG_SEP))) != NULL) {
|
if ((p_buf = (tBTA_AV_API_REG_SEP *) osi_malloc(sizeof(tBTA_AV_API_REG_SEP))) != NULL) {
|
||||||
p_buf->hdr.layer_specific = chnl;
|
p_buf->hdr.layer_specific = chnl;
|
||||||
p_buf->hdr.event = BTA_AV_API_REG_SEP_EVT;
|
p_buf->hdr.event = BTA_AV_API_REG_SEP_EVT;
|
||||||
@@ -344,8 +348,14 @@ void BTA_AvReconfig(tBTA_AV_HNDL hndl, BOOLEAN suspend, UINT8 sep_info_idx,
|
|||||||
void BTA_AvProtectReq(tBTA_AV_HNDL hndl, UINT8 *p_data, UINT16 len)
|
void BTA_AvProtectReq(tBTA_AV_HNDL hndl, UINT8 *p_data, UINT16 len)
|
||||||
{
|
{
|
||||||
tBTA_AV_API_PROTECT_REQ *p_buf;
|
tBTA_AV_API_PROTECT_REQ *p_buf;
|
||||||
|
size_t alloc_size;
|
||||||
|
|
||||||
if ((p_buf = (tBTA_AV_API_PROTECT_REQ *) osi_malloc((UINT16) (sizeof(tBTA_AV_API_PROTECT_REQ) + len))) != NULL) {
|
/* Cap allocation size to avoid UINT16 overflow */
|
||||||
|
alloc_size = sizeof(tBTA_AV_API_PROTECT_REQ) + len;
|
||||||
|
if (alloc_size > 0xFFFF) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if ((p_buf = (tBTA_AV_API_PROTECT_REQ *) osi_malloc((UINT16) alloc_size)) != NULL) {
|
||||||
p_buf->hdr.layer_specific = hndl;
|
p_buf->hdr.layer_specific = hndl;
|
||||||
p_buf->hdr.event = BTA_AV_API_PROTECT_REQ_EVT;
|
p_buf->hdr.event = BTA_AV_API_PROTECT_REQ_EVT;
|
||||||
p_buf->len = len;
|
p_buf->len = len;
|
||||||
@@ -374,8 +384,14 @@ void BTA_AvProtectReq(tBTA_AV_HNDL hndl, UINT8 *p_data, UINT16 len)
|
|||||||
void BTA_AvProtectRsp(tBTA_AV_HNDL hndl, UINT8 error_code, UINT8 *p_data, UINT16 len)
|
void BTA_AvProtectRsp(tBTA_AV_HNDL hndl, UINT8 error_code, UINT8 *p_data, UINT16 len)
|
||||||
{
|
{
|
||||||
tBTA_AV_API_PROTECT_RSP *p_buf;
|
tBTA_AV_API_PROTECT_RSP *p_buf;
|
||||||
|
size_t alloc_size;
|
||||||
|
|
||||||
if ((p_buf = (tBTA_AV_API_PROTECT_RSP *) osi_malloc((UINT16) (sizeof(tBTA_AV_API_PROTECT_RSP) + len))) != NULL) {
|
/* Cap allocation size to avoid UINT16 overflow */
|
||||||
|
alloc_size = sizeof(tBTA_AV_API_PROTECT_RSP) + len;
|
||||||
|
if (alloc_size > UINT16_MAX) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if ((p_buf = (tBTA_AV_API_PROTECT_RSP *) osi_malloc((UINT16) alloc_size)) != NULL) {
|
||||||
p_buf->hdr.layer_specific = hndl;
|
p_buf->hdr.layer_specific = hndl;
|
||||||
p_buf->hdr.event = BTA_AV_API_PROTECT_RSP_EVT;
|
p_buf->hdr.event = BTA_AV_API_PROTECT_RSP_EVT;
|
||||||
p_buf->len = len;
|
p_buf->len = len;
|
||||||
@@ -469,8 +485,14 @@ void BTA_AvRemoteCmd(UINT8 rc_handle, UINT8 label, tBTA_AV_RC rc_id, tBTA_AV_STA
|
|||||||
void BTA_AvVendorCmd(UINT8 rc_handle, UINT8 label, tBTA_AV_CODE cmd_code, UINT8 *p_data, UINT16 len)
|
void BTA_AvVendorCmd(UINT8 rc_handle, UINT8 label, tBTA_AV_CODE cmd_code, UINT8 *p_data, UINT16 len)
|
||||||
{
|
{
|
||||||
tBTA_AV_API_VENDOR *p_buf;
|
tBTA_AV_API_VENDOR *p_buf;
|
||||||
|
size_t alloc_size;
|
||||||
|
|
||||||
if ((p_buf = (tBTA_AV_API_VENDOR *) osi_malloc((UINT16) (sizeof(tBTA_AV_API_VENDOR) + len))) != NULL) {
|
/* Cap allocation size to avoid UINT16 overflow */
|
||||||
|
alloc_size = sizeof(tBTA_AV_API_VENDOR) + len;
|
||||||
|
if (alloc_size > UINT16_MAX) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if ((p_buf = (tBTA_AV_API_VENDOR *) osi_malloc((UINT16) alloc_size)) != NULL) {
|
||||||
p_buf->hdr.event = BTA_AV_API_VENDOR_CMD_EVT;
|
p_buf->hdr.event = BTA_AV_API_VENDOR_CMD_EVT;
|
||||||
p_buf->hdr.layer_specific = rc_handle;
|
p_buf->hdr.layer_specific = rc_handle;
|
||||||
p_buf->msg.hdr.ctype = cmd_code;
|
p_buf->msg.hdr.ctype = cmd_code;
|
||||||
@@ -504,8 +526,14 @@ void BTA_AvVendorCmd(UINT8 rc_handle, UINT8 label, tBTA_AV_CODE cmd_code, UINT8
|
|||||||
void BTA_AvVendorRsp(UINT8 rc_handle, UINT8 label, tBTA_AV_CODE rsp_code, UINT8 *p_data, UINT16 len, UINT32 company_id)
|
void BTA_AvVendorRsp(UINT8 rc_handle, UINT8 label, tBTA_AV_CODE rsp_code, UINT8 *p_data, UINT16 len, UINT32 company_id)
|
||||||
{
|
{
|
||||||
tBTA_AV_API_VENDOR *p_buf;
|
tBTA_AV_API_VENDOR *p_buf;
|
||||||
|
size_t alloc_size;
|
||||||
|
|
||||||
if ((p_buf = (tBTA_AV_API_VENDOR *) osi_malloc((UINT16) (sizeof(tBTA_AV_API_VENDOR) + len))) != NULL) {
|
/* Cap allocation size to avoid UINT16 overflow */
|
||||||
|
alloc_size = sizeof(tBTA_AV_API_VENDOR) + len;
|
||||||
|
if (alloc_size > 0xFFFF) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if ((p_buf = (tBTA_AV_API_VENDOR *) osi_malloc((UINT16) alloc_size)) != NULL) {
|
||||||
p_buf->hdr.event = BTA_AV_API_VENDOR_RSP_EVT;
|
p_buf->hdr.event = BTA_AV_API_VENDOR_RSP_EVT;
|
||||||
p_buf->hdr.layer_specific = rc_handle;
|
p_buf->hdr.layer_specific = rc_handle;
|
||||||
p_buf->msg.hdr.ctype = rsp_code;
|
p_buf->msg.hdr.ctype = rsp_code;
|
||||||
@@ -627,6 +655,8 @@ void BTA_AvMetaCmd(UINT8 rc_handle, UINT8 label, tBTA_AV_CMD cmd_code, BT_HDR *p
|
|||||||
p_buf->label = label;
|
p_buf->label = label;
|
||||||
|
|
||||||
bta_sys_sendmsg(p_buf);
|
bta_sys_sendmsg(p_buf);
|
||||||
|
} else if (p_pkt) {
|
||||||
|
osi_free(p_pkt);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -689,14 +719,30 @@ void BTA_AvCaClose(UINT8 rc_handle)
|
|||||||
void BTA_AvCaGet(UINT8 rc_handle, tBTA_AV_GET_TYPE type, UINT8 *image_handle, UINT8 *image_descriptor, UINT16 image_descriptor_len)
|
void BTA_AvCaGet(UINT8 rc_handle, tBTA_AV_GET_TYPE type, UINT8 *image_handle, UINT8 *image_descriptor, UINT16 image_descriptor_len)
|
||||||
{
|
{
|
||||||
tBTA_AV_API_CA_GET *p_buf;
|
tBTA_AV_API_CA_GET *p_buf;
|
||||||
|
size_t alloc_size;
|
||||||
|
|
||||||
if ((p_buf = (tBTA_AV_API_CA_GET *) osi_malloc(sizeof(tBTA_AV_API_CA_GET))) != NULL) {
|
/* NULL image_handle would cause crash in memcpy; reject early */
|
||||||
|
if (image_handle == NULL) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
/* Cap allocation size to avoid overflow */
|
||||||
|
alloc_size = sizeof(tBTA_AV_API_CA_GET) + image_descriptor_len;
|
||||||
|
if (alloc_size > 0xFFFF) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if ((p_buf = (tBTA_AV_API_CA_GET *) osi_malloc((UINT16) alloc_size)) != NULL) {
|
||||||
p_buf->hdr.event = BTA_AV_API_CA_GET_EVT;
|
p_buf->hdr.event = BTA_AV_API_CA_GET_EVT;
|
||||||
p_buf->hdr.layer_specific = rc_handle;
|
p_buf->hdr.layer_specific = rc_handle;
|
||||||
p_buf->type = type;
|
p_buf->type = type;
|
||||||
memcpy(p_buf->image_handle, image_handle, BTA_AV_CA_IMG_HDL_LEN);
|
memcpy(p_buf->image_handle, image_handle, BTA_AV_CA_IMG_HDL_LEN);
|
||||||
p_buf->image_descriptor = image_descriptor;
|
|
||||||
p_buf->image_descriptor_len = image_descriptor_len;
|
p_buf->image_descriptor_len = image_descriptor_len;
|
||||||
|
/* Copy image_descriptor into message to avoid use-after-free when message is async */
|
||||||
|
if (image_descriptor != NULL && image_descriptor_len > 0) {
|
||||||
|
p_buf->image_descriptor = (UINT8 *) (p_buf + 1);
|
||||||
|
memcpy(p_buf->image_descriptor, image_descriptor, image_descriptor_len);
|
||||||
|
} else {
|
||||||
|
p_buf->image_descriptor = NULL;
|
||||||
|
}
|
||||||
bta_sys_sendmsg(p_buf);
|
bta_sys_sendmsg(p_buf);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -61,7 +61,7 @@ const UINT16 bta_av_audio_flush_to[] = {
|
|||||||
0 /* 5 streams */
|
0 /* 5 streams */
|
||||||
}; /* AVDTP audio transport channel flush timeout */
|
}; /* AVDTP audio transport channel flush timeout */
|
||||||
|
|
||||||
/* Note: Android doesnt support AVRC_SUPF_TG_GROUP_NAVI */
|
/* Note: Android doesn't support AVRC_SUPF_TG_GROUP_NAVI */
|
||||||
/* Note: if AVRC_SUPF_TG_GROUP_NAVI is set, bta_av_cfg.avrc_group should be TRUE */
|
/* Note: if AVRC_SUPF_TG_GROUP_NAVI is set, bta_av_cfg.avrc_group should be TRUE */
|
||||||
#if AVRC_METADATA_INCLUDED == TRUE
|
#if AVRC_METADATA_INCLUDED == TRUE
|
||||||
#define BTA_AV_RC_SNK_SUPF_TG (AVRC_SUPF_TG_CAT2) /* TODO: | AVRC_SUPF_TG_APP_SETTINGS) */
|
#define BTA_AV_RC_SNK_SUPF_TG (AVRC_SUPF_TG_CAT2) /* TODO: | AVRC_SUPF_TG_APP_SETTINGS) */
|
||||||
@@ -105,6 +105,6 @@ const tBTA_AV_CFG bta_av_cfg = {
|
|||||||
{0}, /* Default AVRCP target name */
|
{0}, /* Default AVRCP target name */
|
||||||
};
|
};
|
||||||
|
|
||||||
tBTA_AV_CFG *p_bta_av_cfg = (tBTA_AV_CFG *) &bta_av_cfg;
|
const tBTA_AV_CFG *p_bta_av_cfg = &bta_av_cfg;
|
||||||
|
|
||||||
#endif /* if defined(BTA_AV_INCLUDED) && (BTA_AV_INCLUDED == TRUE) */
|
#endif /* if defined(BTA_AV_INCLUDED) && (BTA_AV_INCLUDED == TRUE) */
|
||||||
|
|||||||
@@ -82,7 +82,7 @@ void bta_av_ci_setconfig(tBTA_AV_HNDL hndl, UINT8 err_code, UINT8 category,
|
|||||||
p_buf->category = category;
|
p_buf->category = category;
|
||||||
p_buf->recfg_needed = recfg_needed;
|
p_buf->recfg_needed = recfg_needed;
|
||||||
p_buf->avdt_handle = avdt_handle;
|
p_buf->avdt_handle = avdt_handle;
|
||||||
p_buf->num_seid = num_seid;
|
p_buf->num_seid = (p_seid != NULL) ? num_seid : 0;
|
||||||
if (p_seid && num_seid) {
|
if (p_seid && num_seid) {
|
||||||
memcpy(p_buf->p_seid, p_seid, num_seid);
|
memcpy(p_buf->p_seid, p_seid, num_seid);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -368,7 +368,12 @@ static tBTA_AV_SCB *bta_av_alloc_scb(tBTA_AV_CHNL chnl)
|
|||||||
p_ret->hndl = (tBTA_AV_HNDL)((xx + 1) | chnl);
|
p_ret->hndl = (tBTA_AV_HNDL)((xx + 1) | chnl);
|
||||||
p_ret->hdi = xx;
|
p_ret->hdi = xx;
|
||||||
p_ret->a2d_list = list_new(NULL);
|
p_ret->a2d_list = list_new(NULL);
|
||||||
bta_av_cb.p_scb[xx] = p_ret;
|
if (p_ret->a2d_list == NULL) {
|
||||||
|
osi_free(p_ret);
|
||||||
|
p_ret = NULL;
|
||||||
|
} else {
|
||||||
|
bta_av_cb.p_scb[xx] = p_ret;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -417,13 +422,15 @@ void bta_av_conn_cback(UINT8 handle, BD_ADDR bd_addr, UINT8 event, tAVDT_CTRL *p
|
|||||||
p_scb = bta_av_addr_to_scb(bd_addr);
|
p_scb = bta_av_addr_to_scb(bd_addr);
|
||||||
}
|
}
|
||||||
else if (AVDT_CONNECT_IND_EVT == event) {
|
else if (AVDT_CONNECT_IND_EVT == event) {
|
||||||
APPL_TRACE_DEBUG("CONN_IND is ACP:%d\n", p_data->hdr.err_param);
|
if (p_data) {
|
||||||
|
APPL_TRACE_DEBUG("CONN_IND is ACP:%d\n", p_data->hdr.err_param);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((p_msg = (tBTA_AV_STR_MSG *) osi_malloc((UINT16) (sizeof(tBTA_AV_STR_MSG)))) != NULL) {
|
if ((p_msg = (tBTA_AV_STR_MSG *) osi_malloc((UINT16) (sizeof(tBTA_AV_STR_MSG)))) != NULL) {
|
||||||
p_msg->hdr.event = evt;
|
p_msg->hdr.event = evt;
|
||||||
p_msg->hdr.layer_specific = event;
|
p_msg->hdr.layer_specific = event;
|
||||||
p_msg->hdr.offset = p_data->hdr.err_param;
|
p_msg->hdr.offset = p_data ? p_data->hdr.err_param : 0;
|
||||||
bdcpy(p_msg->bd_addr, bd_addr);
|
bdcpy(p_msg->bd_addr, bd_addr);
|
||||||
if (p_scb) {
|
if (p_scb) {
|
||||||
APPL_TRACE_DEBUG("scb hndl x%x, role x%x\n", p_scb->hndl, p_scb->role);
|
APPL_TRACE_DEBUG("scb hndl x%x, role x%x\n", p_scb->hndl, p_scb->role);
|
||||||
@@ -1264,9 +1271,9 @@ void bta_av_dup_audio_buf(tBTA_AV_SCB *p_scb, BT_HDR *p_buf)
|
|||||||
if (list_length(p_scbi->a2d_list) > p_bta_av_cfg->audio_mqs) {
|
if (list_length(p_scbi->a2d_list) > p_bta_av_cfg->audio_mqs) {
|
||||||
// Drop the oldest packet
|
// Drop the oldest packet
|
||||||
bta_av_co_audio_drop(p_scbi->hndl);
|
bta_av_co_audio_drop(p_scbi->hndl);
|
||||||
BT_HDR *p_buf = list_front(p_scbi->a2d_list);
|
BT_HDR *p_buf_drop = list_front(p_scbi->a2d_list);
|
||||||
list_remove(p_scbi->a2d_list, p_buf);
|
list_remove(p_scbi->a2d_list, p_buf_drop);
|
||||||
osi_free(p_buf);
|
osi_free(p_buf_drop);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1290,6 +1297,10 @@ void bta_av_sm_execute(tBTA_AV_CB *p_cb, UINT16 event, tBTA_AV_DATA *p_data)
|
|||||||
tBTA_AV_ST_TBL state_table;
|
tBTA_AV_ST_TBL state_table;
|
||||||
UINT8 action;
|
UINT8 action;
|
||||||
|
|
||||||
|
if (p_cb == NULL || p_cb->state >= (sizeof(bta_av_st_tbl) / sizeof(bta_av_st_tbl[0]))) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
APPL_TRACE_EVENT("AV event=0x%x state=%d\n", event, p_cb->state);
|
APPL_TRACE_EVENT("AV event=0x%x state=%d\n", event, p_cb->state);
|
||||||
|
|
||||||
/* look up the state table for the current state */
|
/* look up the state table for the current state */
|
||||||
@@ -1297,6 +1308,10 @@ void bta_av_sm_execute(tBTA_AV_CB *p_cb, UINT16 event, tBTA_AV_DATA *p_data)
|
|||||||
|
|
||||||
event &= 0x00FF;
|
event &= 0x00FF;
|
||||||
|
|
||||||
|
if (event >= (sizeof(bta_av_st_init) / sizeof(bta_av_st_init[0]))) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
/* set next state */
|
/* set next state */
|
||||||
p_cb->state = state_table[event][BTA_AV_NEXT_STATE];
|
p_cb->state = state_table[event][BTA_AV_NEXT_STATE];
|
||||||
APPL_TRACE_EVENT("next state=%d\n", p_cb->state);
|
APPL_TRACE_EVENT("next state=%d\n", p_cb->state);
|
||||||
@@ -1329,8 +1344,10 @@ BOOLEAN bta_av_hdl_event(BT_HDR *p_msg)
|
|||||||
|
|
||||||
if (event >= first_event) {
|
if (event >= first_event) {
|
||||||
APPL_TRACE_VERBOSE("AV nsm event=0x%x(%s)\n", event, bta_av_evt_code(event));
|
APPL_TRACE_VERBOSE("AV nsm event=0x%x(%s)\n", event, bta_av_evt_code(event));
|
||||||
/* non state machine events */
|
if (event <= BTA_AV_LAST_NSM_EVT) {
|
||||||
(*bta_av_nsm_act[event - BTA_AV_FIRST_NSM_EVT]) ((tBTA_AV_DATA *) p_msg);
|
/* non state machine events */
|
||||||
|
(*bta_av_nsm_act[event - BTA_AV_FIRST_NSM_EVT]) ((tBTA_AV_DATA *) p_msg);
|
||||||
|
}
|
||||||
} else if (event >= BTA_AV_FIRST_SM_EVT && event <= BTA_AV_LAST_SM_EVT) {
|
} else if (event >= BTA_AV_FIRST_SM_EVT && event <= BTA_AV_LAST_SM_EVT) {
|
||||||
APPL_TRACE_VERBOSE("AV sm event=0x%x(%s)\n", event, bta_av_evt_code(event));
|
APPL_TRACE_VERBOSE("AV sm event=0x%x(%s)\n", event, bta_av_evt_code(event));
|
||||||
/* state machine events */
|
/* state machine events */
|
||||||
|
|||||||
@@ -119,7 +119,9 @@ int bta_av_sbc_up_sample (void *p_src, void *p_dst,
|
|||||||
dst = dst_samples / bta_av_sbc_ups_cb.div;
|
dst = dst_samples / bta_av_sbc_ups_cb.div;
|
||||||
return (*bta_av_sbc_ups_cb.p_act)(p_src, p_dst, src, dst, p_ret);
|
return (*bta_av_sbc_ups_cb.p_act)(p_src, p_dst, src, dst, p_ret);
|
||||||
} else {
|
} else {
|
||||||
*p_ret = 0;
|
if (p_ret) {
|
||||||
|
*p_ret = 0;
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -212,7 +214,7 @@ int bta_av_sbc_up_sample_16m (void *p_src, void *p_dst,
|
|||||||
UINT32 src_sps = bta_av_sbc_ups_cb.src_sps;
|
UINT32 src_sps = bta_av_sbc_ups_cb.src_sps;
|
||||||
UINT32 dst_sps = bta_av_sbc_ups_cb.dst_sps;
|
UINT32 dst_sps = bta_av_sbc_ups_cb.dst_sps;
|
||||||
|
|
||||||
while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples) {
|
while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples >= 2) {
|
||||||
*p_dst_tmp++ = *p_worker;
|
*p_dst_tmp++ = *p_worker;
|
||||||
*p_dst_tmp++ = *p_worker;
|
*p_dst_tmp++ = *p_worker;
|
||||||
|
|
||||||
@@ -224,7 +226,7 @@ int bta_av_sbc_up_sample_16m (void *p_src, void *p_dst,
|
|||||||
|
|
||||||
bta_av_sbc_ups_cb.cur_pos = dst_sps;
|
bta_av_sbc_ups_cb.cur_pos = dst_sps;
|
||||||
|
|
||||||
while (src_samples-- && dst_samples) {
|
while (src_samples-- && dst_samples >= 2) {
|
||||||
*p_worker = *p_src_tmp++;
|
*p_worker = *p_src_tmp++;
|
||||||
|
|
||||||
do {
|
do {
|
||||||
@@ -235,7 +237,7 @@ int bta_av_sbc_up_sample_16m (void *p_src, void *p_dst,
|
|||||||
dst_samples--;
|
dst_samples--;
|
||||||
dst_samples--;
|
dst_samples--;
|
||||||
|
|
||||||
} while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples);
|
} while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples >= 2);
|
||||||
|
|
||||||
bta_av_sbc_ups_cb.cur_pos += dst_sps;
|
bta_av_sbc_ups_cb.cur_pos += dst_sps;
|
||||||
}
|
}
|
||||||
@@ -276,7 +278,7 @@ int bta_av_sbc_up_sample_8s (void *p_src, void *p_dst,
|
|||||||
UINT32 src_sps = bta_av_sbc_ups_cb.src_sps;
|
UINT32 src_sps = bta_av_sbc_ups_cb.src_sps;
|
||||||
UINT32 dst_sps = bta_av_sbc_ups_cb.dst_sps;
|
UINT32 dst_sps = bta_av_sbc_ups_cb.dst_sps;
|
||||||
|
|
||||||
while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples) {
|
while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples >= 2) {
|
||||||
*p_dst_tmp++ = *p_worker1;
|
*p_dst_tmp++ = *p_worker1;
|
||||||
*p_dst_tmp++ = *p_worker2;
|
*p_dst_tmp++ = *p_worker2;
|
||||||
|
|
||||||
@@ -287,7 +289,7 @@ int bta_av_sbc_up_sample_8s (void *p_src, void *p_dst,
|
|||||||
|
|
||||||
bta_av_sbc_ups_cb.cur_pos = dst_sps;
|
bta_av_sbc_ups_cb.cur_pos = dst_sps;
|
||||||
|
|
||||||
while (src_samples -- && dst_samples) {
|
while (src_samples -- && dst_samples >= 2) {
|
||||||
*p_worker1 = *(UINT8 *)p_src_tmp++;
|
*p_worker1 = *(UINT8 *)p_src_tmp++;
|
||||||
*p_worker1 -= 0x80;
|
*p_worker1 -= 0x80;
|
||||||
*p_worker1 <<= 8;
|
*p_worker1 <<= 8;
|
||||||
@@ -302,7 +304,7 @@ int bta_av_sbc_up_sample_8s (void *p_src, void *p_dst,
|
|||||||
bta_av_sbc_ups_cb.cur_pos -= src_sps;
|
bta_av_sbc_ups_cb.cur_pos -= src_sps;
|
||||||
dst_samples--;
|
dst_samples--;
|
||||||
dst_samples--;
|
dst_samples--;
|
||||||
} while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples);
|
} while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples >= 2);
|
||||||
|
|
||||||
bta_av_sbc_ups_cb.cur_pos += dst_sps;
|
bta_av_sbc_ups_cb.cur_pos += dst_sps;
|
||||||
}
|
}
|
||||||
@@ -342,7 +344,7 @@ int bta_av_sbc_up_sample_8m (void *p_src, void *p_dst,
|
|||||||
UINT32 src_sps = bta_av_sbc_ups_cb.src_sps;
|
UINT32 src_sps = bta_av_sbc_ups_cb.src_sps;
|
||||||
UINT32 dst_sps = bta_av_sbc_ups_cb.dst_sps;
|
UINT32 dst_sps = bta_av_sbc_ups_cb.dst_sps;
|
||||||
|
|
||||||
while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples) {
|
while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples >= 4) {
|
||||||
*p_dst_tmp++ = *p_worker;
|
*p_dst_tmp++ = *p_worker;
|
||||||
*p_dst_tmp++ = *p_worker;
|
*p_dst_tmp++ = *p_worker;
|
||||||
|
|
||||||
@@ -353,7 +355,7 @@ int bta_av_sbc_up_sample_8m (void *p_src, void *p_dst,
|
|||||||
|
|
||||||
bta_av_sbc_ups_cb.cur_pos = dst_sps;
|
bta_av_sbc_ups_cb.cur_pos = dst_sps;
|
||||||
|
|
||||||
while (src_samples-- && dst_samples) {
|
while (src_samples-- && dst_samples >= 4) {
|
||||||
*p_worker = *(UINT8 *)p_src_tmp++;
|
*p_worker = *(UINT8 *)p_src_tmp++;
|
||||||
*p_worker -= 0x80;
|
*p_worker -= 0x80;
|
||||||
*p_worker <<= 8;
|
*p_worker <<= 8;
|
||||||
@@ -365,7 +367,7 @@ int bta_av_sbc_up_sample_8m (void *p_src, void *p_dst,
|
|||||||
bta_av_sbc_ups_cb.cur_pos -= src_sps;
|
bta_av_sbc_ups_cb.cur_pos -= src_sps;
|
||||||
dst_samples -= 4;
|
dst_samples -= 4;
|
||||||
|
|
||||||
} while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples);
|
} while (bta_av_sbc_ups_cb.cur_pos > 0 && dst_samples >= 4);
|
||||||
|
|
||||||
bta_av_sbc_ups_cb.cur_pos += dst_sps;
|
bta_av_sbc_ups_cb.cur_pos += dst_sps;
|
||||||
}
|
}
|
||||||
@@ -455,6 +457,11 @@ UINT8 bta_av_sbc_cfg_for_cap(UINT8 *p_peer, tA2D_SBC_CIE *p_cap, tA2D_SBC_CIE *p
|
|||||||
peer_cie.min_bitpool = p_pref->min_bitpool;
|
peer_cie.min_bitpool = p_pref->min_bitpool;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (peer_cie.min_bitpool > peer_cie.max_bitpool) {
|
||||||
|
APPL_TRACE_ERROR("bta_av_sbc_cfg_for_cap: min_bp > max_bp");
|
||||||
|
return A2D_FAIL;
|
||||||
|
}
|
||||||
|
|
||||||
if (status == A2D_SUCCESS) {
|
if (status == A2D_SUCCESS) {
|
||||||
/* build configuration */
|
/* build configuration */
|
||||||
A2D_BldSbcInfo(A2D_MEDIA_TYPE_AUDIO, &peer_cie, p_peer);
|
A2D_BldSbcInfo(A2D_MEDIA_TYPE_AUDIO, &peer_cie, p_peer);
|
||||||
|
|||||||
@@ -429,6 +429,11 @@ void bta_av_ssm_execute(tBTA_AV_SCB *p_scb, UINT16 event, tBTA_AV_DATA *p_data)
|
|||||||
APPL_TRACE_VERBOSE("AV Sevent(0x%x)=0x%x(%s) state=%d(%s)",
|
APPL_TRACE_VERBOSE("AV Sevent(0x%x)=0x%x(%s) state=%d(%s)",
|
||||||
p_scb->hndl, event, bta_av_evt_code(event), p_scb->state, bta_av_sst_code(p_scb->state));
|
p_scb->hndl, event, bta_av_evt_code(event), p_scb->state, bta_av_sst_code(p_scb->state));
|
||||||
|
|
||||||
|
if (p_scb->state >= (sizeof(bta_av_sst_tbl) / sizeof(bta_av_sst_tbl[0])) ||
|
||||||
|
event < BTA_AV_FIRST_SSM_EVT || event > BTA_AV_LAST_SSM_EVT) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
/* look up the state table for the current state */
|
/* look up the state table for the current state */
|
||||||
state_table = bta_av_sst_tbl[p_scb->state];
|
state_table = bta_av_sst_tbl[p_scb->state];
|
||||||
|
|
||||||
|
|||||||
@@ -133,6 +133,7 @@ enum {
|
|||||||
|
|
||||||
/* events for AV stream control block state machine */
|
/* events for AV stream control block state machine */
|
||||||
#define BTA_AV_FIRST_SSM_EVT BTA_AV_API_OPEN_EVT
|
#define BTA_AV_FIRST_SSM_EVT BTA_AV_API_OPEN_EVT
|
||||||
|
#define BTA_AV_LAST_SSM_EVT BTA_AV_ACP_CONNECT_EVT
|
||||||
|
|
||||||
/* events that do not go through state machine */
|
/* events that do not go through state machine */
|
||||||
#define BTA_AV_FIRST_NSM_EVT BTA_AV_API_ENABLE_EVT
|
#define BTA_AV_FIRST_NSM_EVT BTA_AV_API_ENABLE_EVT
|
||||||
@@ -678,7 +679,7 @@ extern tBTA_AV_CB *bta_av_cb_ptr;
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* config struct */
|
/* config struct */
|
||||||
extern tBTA_AV_CFG *p_bta_av_cfg;
|
extern const tBTA_AV_CFG *p_bta_av_cfg;
|
||||||
|
|
||||||
extern const tBTA_AV_SACT bta_av_a2d_action[];
|
extern const tBTA_AV_SACT bta_av_a2d_action[];
|
||||||
extern const tBTA_AV_SACT bta_av_vdp_action[];
|
extern const tBTA_AV_SACT bta_av_vdp_action[];
|
||||||
|
|||||||
Reference in New Issue
Block a user