Mirrors/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-06-02 03:06:37 +03:00
Code Issues Packages Projects Releases Wiki Activity
50,942 Commits 23 Branches 184 Tags
0f8dd0cf5bc8d00aabbbc2bfa96ea78fd801d263
Commit Graph

590 Commits

Author SHA1 Message Date
Island
1c99ea52c1 Merge branch 'bugfix/optimize_bluedroid_host_code_new' into 'master' 
fix(ble/bluedroid): Use the same legacy gap callback instead of each independent legacy gap event callback

Closes BLERP-2639

See merge request espressif/esp-idf!46344
 2026-03-23 15:28:46 +08:00
Jiang Jiang Jian
9bde023b12 Merge branch 'bugfix/oob_in_avrc' into 'master' 
FIx: Heap OOB read in Bluedroid AVRCP Target parser

Closes BT-4269

See merge request espressif/esp-idf!46425
 2026-03-20 17:41:11 +08:00
zhiweijian
d07ce78dcf fix(ble/bluedroid): optimize bluedroid host and fix GAP, memory, status and BTM API issues 
- return HCI_ERR_MEMORY_FULL on cmd buffer alloc failure
- remove legacy adv/scan semaphores and mutex
- Use the same legacy gap callback instead of each independent legacy gap event callback
 2026-03-19 20:59:28 +08:00
zhiweijian
50747e4f63 fix(ble/bluedroid): Null/range checks, crypto cleanup and API consistency 
- smp_api.h/smp_int.h: SMP_OPCODE_ARRAY_SIZE and SecureConnectionOobDataReply
  declaration alignment
- p_256_ecc_pp/p_256_multprecision: bounds and overflow fixes in ECC/multiprecision
- smp_act: init le_key; p_dev_rec null check in smp_key_distribution;
  smp_compute_dhkey failure notify in smp_both_have_public_keys
- smp_api: early state/cb_evt check in SMP_SecureConnectionOobDataReply
- smp_cmac: input/length validation in cmac_aes_k_calculate and
  aes_cipher_msg_auth_code
- smp_keys: smp_gen_p2_4_confirm return and smp_calculate_comfirm_cont;
  smp_process_private_key/smp_compute_dhkey cleanup and peer_pub_be clear
- smp_l2c: fix callback param types with L2CAP
- smp_main: event/state bounds in smp_sm_event; smp_get_event_name default string
- smp_utils: cmd_code<SMP_OPCODE_ARRAY_SIZE and smp_cmd_build_act check;
  smp_mask_enc_key/smp_command_has_invalid_parameters bounds
 2026-03-18 16:49:09 +08:00
zhiweijian
16d523e9bf fix(ble/bluedroid): BLE credit, reject when p_rcb NULL, timeout and leak fixes 
- l2c_int: align struct/constant types with l2c_ble/l2c_main
- l2c_api: null/state checks in L2CA_SendFixedChnlData
- l2c_ble: reject when p_rcb==NULL, add L2CAP_CMD_BLE_FLOW_CTRL_CREDIT;
  l2cble_init_direct_conn int64_t timeout and link_timeout==0 fix
- l2c_link: null/state checks and cleanup in hci_disc_comp/timeout/send_to_lower
- l2c_main: free p_msg on FCR non-Basic and COC branches; fix LE credit handling;
  process_l2cap_cmd bounds
- l2c_utils: credit/queue cleanup and null checks in l2cu_disconnect_chnl
 2026-03-18 16:49:09 +08:00
zhiweijian
1d31286f1a fix(ble/bluedroid): Fix double-free, exec write, bounds and HCI param checks 
- gap_ble: add length/attribute checks in gap_proc_write_req
- gatt_cl: set p_cmd->p_cmd=NULL before memset to avoid double-free;
  pending_cl_req %= GATT_CL_MAX_LCB
- gatt_sr: fix exec write zeroed_attrs and offset/len bounds, OOM cleanup
- gatt_sr_hash: null checks for p_attr->p_next, p_data+=2, len==0 in
  gatts_calculate_datebase_hash, gatts_show_local_database
- gatt_utils: explicit return NULL, indent, idx<GATT_MAX_APPS checks,
  len>GATT_MAX_ATTR_LEN, gatt_cleanup_upon_disc dealloc branch
- hciblecmds: length/handle validation in BLE ext adv/BIG sync HCI commands
 2026-03-18 16:38:25 +08:00
zhiweijian
537661fb2e fix(ble/bluedroid): Event length checks and timer/alarm error handling 
- btu_hcif: validate p_msg->len and hci_evt_len in process_event; pass evt_len to
  sub-handlers; fix cs_subevt num_steps_reported==0 malloc; bounds in
  command_complete and role_change_evt
- btu_task: handle osi_alarm_new/hash_map_set failure in btu_start_timer,
  btu_start_quick_timer, btu_start_timer_oneshot
 2026-03-18 16:38:25 +08:00
zhiweijian
65b2cb2728 fix(ble/bluedroid): BLE GAP/ACL/ISO/SCO null checks, evt_len and resource handling 
- btm_acl: malloc/list_append failure handling, remove/memset order in btm_acl_removed
- btm_ble: remove incorrect sec_flags in SMP_OOB/NC/SC_OOB fall-through
- btm_ble_5_gap: btm_ble_hci_status_to_str unreachable return,
  BTM_BleSetExtendedAdvParams/BleStartExtAdv leak and bounds
- btm_ble_addr: fix indent in btm_find_dev_by_identity_addr
- btm_ble_gap: null check p_service_data, pass evt_len to btm_ble_process_adv_pkt,
  bounds in process_adv_pkt
- btm_ble_iso: align param types with declaration
- btm_ble_privacy: handle BTM_BLE_IRK_LIST_INVALID_INDEX in update_resolving_list,
  comment fixes
- btm_devctl: fix btm_vsc_complete param order/type
- btm_sco: add evt_len to btm_sco_process_num_completed_pkts for bounds check
- btm_ble_int.h/btm_int.h: add evt_len to process_adv_pkt and
  process_num_completed_pkts declarations
 2026-03-18 16:38:24 +08:00
Wang Meng Yang
c941926ee7 Merge branch 'feat/bt_distance_test' into 'master' 
feat(bt): Add APIs to read ACL real RSSI and read/write tx power of inq/iscan/page/pscan/ACL

Closes BT-4155

See merge request espressif/esp-idf!45601
 2026-03-16 15:09:19 +08:00
yangfeng
7a0771d2c8 feat(bt): Add APIs to control transmit power level 
- API to read ACL real RSSI
- APIs to read/write tx power of inq/iscan/page/pscan/ACL
 2026-03-13 10:12:40 +08:00
yangfeng
cf554d6d61 fix(hid): Fixed HID repeatedly reporting the close event 2026-03-13 09:45:14 +08:00
Jin Cheng
60f9362f83 fix(bt/bluedroid): fixed possible OOB read in avrc_pars_vendor_cmd 2026-03-10 08:43:56 +08:00
zhiweijian
ba0537c118 fix(ble/bluedroid): Fixed read or write failed if SMP is disabled 2026-03-02 18:32:20 +08:00
zhiweijian
e118d053b3 fix(ble/bluedroid): fix L2CAP, SMP and HCI command issues 
- Fix active_count check in l2cu_ble_plcb_active_count
- Restore previous state if connection command fails
- Fix HCI cmd buffer size off-by-one errors
- Fix connect handle length errors
- Fix channel sounding event status handling
- Fix SMP param_len check in smp_rand_back
- Fix spelling: BROCASTER to BROADCASTER in definitions
 2026-02-27 17:59:59 +08:00
zhiweijian
e0ccc644a8 fix(ble/bluedroid): fix GAP, advertising and security issues in BTM layer 
- Fix adv state restore and reset if start/stop failed
- Fix periodic adv v2 event without PAWR feature enabled
- Fix periodic adv sync establish skip handling
- Fix resolving list max_size validation
- Fix RPA addr_type update after host-side resolution
- Fix pairing_state reset if p_dev_rec alloc failed
- Fix ISO cis_cnt limit and ext adv parameter check
- Try to delete smp keys even if not in device list
 2026-02-27 17:59:46 +08:00
zhiweijian
6242e0244c fix(ble/bluedroid): fix GATT protocol and database operation issues 
- Fix GATTC read by type length error and rsp pdu format check
- Fix p_cur_handle update in gatts_db_read_attr_value_by_type
- Fix len calculation error in calculate_database_info_size
- Replace gatt_find_the_connected_bda with p_tcb_list iteration
- Send cmd reject if cid is invalid
- Fix param_len check in smp_rand_back
- Remove duplicate uuid compare functions
 2026-02-27 17:59:35 +08:00
chenjianhua
7c51dbc350 feat(ble/bluedroid): Add an API to resolve RPA 2026-02-09 00:05:10 +08:00
zhiweijian
031f4a7375 fix(ble/bluedroid): Unify BTM byte alignment 2026-01-27 19:19:13 +08:00
Wang Meng Yang
21f71c1794 Merge branch 'bugfix/oob_access_in_bt' into 'master' 
fix: enhanced packet length check in Bluedroid

See merge request espressif/esp-idf!44440
 2026-01-16 21:45:27 +08:00
Jin Cheng
bdec9fe83a fix(bt): enhanced packet length check in sdp_server.c 2026-01-15 10:04:22 +08:00
Jin Cheng
b18f09fc54 fix(bt): enhanced packet length check for avrc_pars_vendor_cmd 2026-01-15 10:04:22 +08:00
Zhou Xiao
78594e0f6e fix(ble): fixed use-after-free in bluedroid attp 2026-01-14 15:45:10 +08:00
zhiweijian
937a4648c7 fix(ble/bluedroid): Fixed bluedroid build warning if GATTC/S and SMP are disabled 2026-01-09 11:11:48 +08:00
Island
a8cfb404e5 Merge branch 'fix/change_some_example_config' into 'master' 
feat(ble/bluedroid): Add new bluedroid host examples (master)

Closes BLERP-2492

See merge request espressif/esp-idf!44896
 2026-01-08 21:03:13 +08:00
Island
9bf6bf7252 Merge branch 'feat/reduce_bluedroid_host_bin' into 'master' 
feat/reduce bluedroid host bin size

Closes BLERP-2426

See merge request espressif/esp-idf!43537
 2026-01-08 14:20:40 +08:00
zhiweijian
ce72e90291 feat(ble/bluedroid): Add new bluedroid host examples 2026-01-08 12:17:26 +08:00
Wang Meng Yang
6b58b82923 Merge branch 'bugfix/l2cap_malloc_fail' into 'master' 
fix(bt): fix l2cap malloc fail in throughput test

Closes BTQABR2023-536

See merge request espressif/esp-idf!44611
 2026-01-06 16:08:39 +08:00
zhiweijian
f4dfd42725 fix(ble/bluedroid): Fixed bluedroid host get white list size error 2026-01-06 16:01:22 +08:00
zhiweijian
6f27074c1e fix(ble/bluedroid): Fixed bt buuld error 
fix(ble/bluedroid): disable power management if bt is disabled
 2026-01-05 17:09:38 +08:00
zhiweijian
3b18da2bde fix(ble/bluedroid): optimize bluedroid host code 2026-01-05 14:24:34 +08:00
zhiweijian
728c4c8a10 fix(ble/bluedroid): Add BLE_TOPOLOGY_CHECK 2026-01-05 14:24:34 +08:00
zhiweijian
1f5fa1e72b fix(ble/bluedroid): disable bluedroid background connection 2026-01-05 14:23:10 +08:00
zhiweijian
ac7812ef8d fix(ble/bluedroid): change tGATT_BG_CONN_DEV to GATT_BG_CONN_DEV 2026-01-05 14:23:10 +08:00
zhiweijian
ec6809611a fix(ble/bluedroid): disable exception list if scan is not enabled 2026-01-05 14:23:10 +08:00
zhiweijian
715184fa36 fix(ble/bluedroid): disable vendor hci function 2026-01-05 14:23:10 +08:00
zhiweijian
1174ad41a5 fix(ble/bluedroid): Delete btm_ble_send_extended_scan_params 2026-01-05 14:23:10 +08:00
zhiweijian
b9440efbe9 fix(ble/bluedroid): change bluedroid scan callback name 2026-01-05 14:23:10 +08:00
zhiweijian
db17c7cea3 fix(bluedroid): delete bluedroid gatt_listen 2026-01-05 14:23:10 +08:00
zhiweijian
34448a7455 fix(ble/bluedroid): Delete observe and inquiry 2026-01-05 14:23:10 +08:00
zhiweijian
5145b366f7 fix(ble/bluedroid): delete bluedroid unused code 2026-01-05 14:23:10 +08:00
zhiweijian
a784adef00 fix(ble/bluedroid): Delete batch_scan related code 2026-01-05 14:23:09 +08:00
zhiweijian
08740df988 fix(ble/bluedroid): Delete BLE_HOST_SETUP_STORAGE_EN 2026-01-05 14:23:09 +08:00
zhiweijian
1c0c48b814 fix(ble/bluedroid): Delete BLE_HOST_READ_TX_POWER_EN 2026-01-05 14:23:09 +08:00
zhiweijian
f08ff1448b fix(ble/bluedroid): Delete BLE_HOST_ENABLE_TEST_MODE_EN 2026-01-05 14:23:09 +08:00
zhiweijian
b4c4b3e410 fix(ble/bluedroid): delete BLE_HOST_ENERGY_INFO_EN 2026-01-05 14:23:07 +08:00
zhiweijian
57c52bd4ec fix(ble/bluedroid): Delete BLE_VND_INCLUDED 2026-01-05 14:21:52 +08:00
zhiweijian
702292d451 fix(ble/bluedroid): Delete BLE_ANDROID_CONTROLLER_SCAN_FILTER 2026-01-05 14:21:50 +08:00
zhiweijian
5fdcc3bdea fix(ble/bluedroid): Delete BLE_HOST_BLE_SCAN_PARAM_UNUSED 2026-01-05 14:18:22 +08:00
zhiweijian
b175f3cc97 fix(ble/bluedroid): Delete BLE_HOST_CONN_SCAN_PARAM_EN 2026-01-05 14:18:22 +08:00
zhiweijian
25b0e1e684 fix(ble/bluedroid): Delete BLE_HOST_BATCH_SCAN_EN 2026-01-05 14:18:22 +08:00