From 82052a0fc477130cc643053a84dc0e786eb1a522 Mon Sep 17 00:00:00 2001 From: zhanghaipeng Date: Tue, 7 Nov 2023 19:41:11 +0800 Subject: [PATCH] fix(bt/bluedroid): Fix ble keysize check --- components/bt/host/bluedroid/api/esp_gap_ble_api.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/components/bt/host/bluedroid/api/esp_gap_ble_api.c b/components/bt/host/bluedroid/api/esp_gap_ble_api.c index 65d24518c2..7655b0d951 100644 --- a/components/bt/host/bluedroid/api/esp_gap_ble_api.c +++ b/components/bt/host/bluedroid/api/esp_gap_ble_api.c @@ -576,7 +576,11 @@ esp_err_t esp_ble_gap_set_security_param(esp_ble_sm_param_t param_type, LOG_ERROR("ESP_BLE_APP_ENC_KEY_SIZE is deprecated, use ESP_GATT_PERM_ENCRYPT_KEY_SIZE in characteristic definition"); return ESP_ERR_NOT_SUPPORTED; } - + if (param_type == ESP_BLE_SM_MAX_KEY_SIZE || param_type == ESP_BLE_SM_MIN_KEY_SIZE) { + if (((uint8_t *)value)[0] > 16 || ((uint8_t *)value)[0] < 7) { + return ESP_ERR_INVALID_ARG; + } + } btc_msg_t msg = {0}; btc_ble_gap_args_t arg;