diff options
author | Olivier Guiter <olivier.guiter@linux.intel.com> | 2013-03-25 11:24:21 +0100 |
---|---|---|
committer | Samuel Ortiz <sameo@linux.intel.com> | 2013-04-11 16:28:57 +0200 |
commit | 0b23d666a8857e521384d0eec75a7362b80a39b8 (patch) | |
tree | c60416548e56d5ba9ba6e63789cfdaf122da9ff1 | |
parent | 00e856db49bbaf0ec315bf81a3c4fc02e4d0beea (diff) | |
download | op-kernel-dev-0b23d666a8857e521384d0eec75a7362b80a39b8.zip op-kernel-dev-0b23d666a8857e521384d0eec75a7362b80a39b8.tar.gz |
NFC: llcp: Fix zero octets length SDU handling
LLCP Validation test #2 (Connection-less information transfer) send a
service data unit of zero octets length. This is now handled correctly.
Signed-off-by: Olivier Guiter <olivier.guiter@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
-rw-r--r-- | net/nfc/llcp/commands.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/net/nfc/llcp/commands.c b/net/nfc/llcp/commands.c index c5535cc..199e8b5 100644 --- a/net/nfc/llcp/commands.c +++ b/net/nfc/llcp/commands.c @@ -694,8 +694,7 @@ int nfc_llcp_send_i_frame(struct nfc_llcp_sock *sock, remaining_len = len; msg_ptr = msg_data; - while (remaining_len > 0) { - + do { frag_len = min_t(size_t, sock->remote_miu, remaining_len); pr_debug("Fragment %zd bytes remaining %zd", @@ -708,7 +707,8 @@ int nfc_llcp_send_i_frame(struct nfc_llcp_sock *sock, skb_put(pdu, LLCP_SEQUENCE_SIZE); - memcpy(skb_put(pdu, frag_len), msg_ptr, frag_len); + if (likely(frag_len > 0)) + memcpy(skb_put(pdu, frag_len), msg_ptr, frag_len); skb_queue_tail(&sock->tx_queue, pdu); @@ -720,7 +720,7 @@ int nfc_llcp_send_i_frame(struct nfc_llcp_sock *sock, remaining_len -= frag_len; msg_ptr += frag_len; - } + } while (remaining_len > 0); kfree(msg_data); @@ -754,8 +754,7 @@ int nfc_llcp_send_ui_frame(struct nfc_llcp_sock *sock, u8 ssap, u8 dsap, remaining_len = len; msg_ptr = msg_data; - while (remaining_len > 0) { - + do { frag_len = min_t(size_t, sock->remote_miu, remaining_len); pr_debug("Fragment %zd bytes remaining %zd", @@ -770,14 +769,15 @@ int nfc_llcp_send_ui_frame(struct nfc_llcp_sock *sock, u8 ssap, u8 dsap, pdu = llcp_add_header(pdu, dsap, ssap, LLCP_PDU_UI); - memcpy(skb_put(pdu, frag_len), msg_ptr, frag_len); + if (likely(frag_len > 0)) + memcpy(skb_put(pdu, frag_len), msg_ptr, frag_len); /* No need to check for the peer RW for UI frames */ skb_queue_tail(&local->tx_queue, pdu); remaining_len -= frag_len; msg_ptr += frag_len; - } + } while (remaining_len > 0); kfree(msg_data); |