summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-03-15Merge cherrypicks of [6738238, 6739193, 6738335, 6738239, 6739470, 6739471, ↵android-7.0.0_r36nougat-mr0.5-releaseandroid-build-team Robot
6738201, 6738202, 6738203, 6738204, 6738205, 6738206, 6738207, 6738208, 6738209, 6739510, 6739511, 6739512, 6739513, 6739514, 6739515, 6739516, 6738336, 6739517, 6739518, 6738416, 6738417, 6739472, 6739473, 6739519, 6739520, 6739071, 6739072, 6738695, 6738696, 6738697, 6738698, 6738699, 6738243, 6739521, 6738244, 6738153, 6738154, 6738155, 6738156, 6738157, 6738158, 6738159, 6738160, 6739522, 6739523] into nyc-bugfix-release Change-Id: I2d3cf972e4fbeda1ea03a5dbc082c151512f37ab
2019-03-15Prevent integer underflow in rw_t2t_handle_tlv_detect_rsp()George Chang
Bug: 121035711 Test: NFC Enable/Disable Change-Id: Ifa3e5fdf23f267a0d6c3aa8495c4c83f20153025 (cherry picked from commit e477a1c45b9f94b40540acc568eef2b8a2100d12)
2019-03-15Prevent Out of bounds read in ce_t4t.ccGeorge Chang
Test: Nfc Enable/Disable; Send wrong length AID to HCE Bug: 115635871 Change-Id: Ie522424d5d9e611fac5875a0cf1f8cbd640528ff (cherry picked from commit a7ad729fb82a68f56b3bfc9f3404858f7feab7f2)
2019-03-15Prevent Out of bounds write in rw_t3t_handle_get_sc_poll_rsp()George Chang
Test: Read T3T Tag Bug: 120499324 Change-Id: I5f76f207d16ee744ec9be06e94034adf01727ac8 (cherry picked from commit 17b8a8126c018062f36bd492c7535e216b6660c0)
2019-03-15Prevent OOB read in rw_t3t_act_handle_ndef_detect_rsp()Jack Yu
Test: NFC enable/disable Bug: 120428041 Change-Id: Iecabf9c9b2115371f02eefe3bb1fd1c8875fed45 (cherry picked from commit 352f23a26c162d5482a11660ea38571b858e0fd4)
2019-03-15Fix heap overflow in NFA_SendRawFrame()Ruchi Kandoi
Bug: 120664978 Test: NFC enable/disable Change-Id: I1b6a062fb5bf10364a20e99faf4adef13a478d22 (cherry picked from commit fc81ec955925391d772214043be62e48a6d65275)
2019-03-15Prevent Integer Overflow in rw_t3t_act_handle_check_rsp()Ruchi Kandoi
Bug: 120503926 Test: NFC Enable/Disable Change-Id: I260c2028ab56260ae4d26ce7c4699763df20ce7a (cherry picked from commit 2fa7388789742b3e75173d998925d4c6165814a6)
2019-03-15Prevent OOB read in rw_t3t_update_block()Ruchi Kandoi
Test: NFC enable/disable Bug: 120506143 Bug: 120497437 Bug: 120497583 Change-Id: I839333505a253788e43a48a61eb7a646328c7fec (cherry picked from commit 496e85481cf8d394dcf6ed7c1885536b16990f73)
2019-03-15Fix CVERuchi Kandoi
Test: NFC enable/disable Bug: 119223615 Bug: 111699773 Bug: 111660010 (cherry picked from commit 93233eb6f2a9e602c059edc20e26845384432db6) Change-Id: I573986e876d3f4093a6a829b0f01424072cd9d5a
2019-03-15Prevent Out of bound error in phNxpNciHal_process_ext_rspGeorge Chang
Bug: 118152591 Test: Nfc Enable/Disable, R/W, P2P Change-Id: I53bfc1b7eca4c3306f20488dc5fb8ccf9ed0e330 (cherry picked from commit 5ff72ad602488ba0b8102d6054fd04cd2d6531ee)
2019-03-15Prevent Out of bound error in llcp_dlc_proc_rr_rnr_pdu()Ruchi Kandoi
Test: Nfc Enable/disable Bug: 116788646 Change-Id: Iefa9ca0a291e0c59a442befccfaa2f17eecd461e (cherry picked from commit 59c3090aedd725f10e413fe7b38aff67a1782f1d)
2019-03-15Prevent OOB error in nfc_ncif_proc_get_routing()Ruchi Kandoi
Test: Tag reading; Card Emulation Bug: 117554809 Change-Id: Ib49af2eadf870f030a6cddeec390dc498bd5078c (cherry picked from commit 8c29aa84918b79d3bad0a68430a2dfbeec41bde6)
2019-03-15Prevent Out of bounds read/write in nfc_ncif_set_config_statusGeorge Chang
Test: Nfc Enable/Disable; Android Beam; Tag reading Bug: 114047681 Merged-In: Iaba48380879373a4807a9d50634f4f40be97ef81 Change-Id: Iaba48380879373a4807a9d50634f4f40be97ef81 (cherry picked from commit 5b18209498ca5dc9fe65cf6e2b77b8879821251f)
2019-03-15Improve AGF PDU integrity check to prevent OOB errorJack Yu
Test: Nfc Enable/Disable; Android Beam; Tag reading Bug: 116791157 (cherry picked from commit 1e1bf327eac157409279ede5ec874c5112be9d9b) Change-Id: I75b89e3dd542e40197263593aa2608e1187afae5
2019-03-15Prevent Out of bounds read in llcp_dlcGeorge Chang
Test: Nfc Enable/Disable; Android Beam; Tag reading Bug: 116722267 Merged-In: I9b5d1ad46ed18862dbb23b2ab2393edc3d0995e6 Change-Id: I9b5d1ad46ed18862dbb23b2ab2393edc3d0995e6 (cherry picked from commit d127969d21627579b7c715c88cc516824bd4f462)
2019-03-15Prevent Out of bounds read in llcp_utilRuchi Kandoi
Test: Nfc Enable/Disable, Android Beam, Tag reading Bug: 114237888 Bug: 114238578 Bug: 111660010 Change-Id: Icf03e6cc2f37bee6718efb692f0a1ff6da2cbc9d (cherry picked from commit ae4fd453041b91a9ea326365802a2662f8dbd500)
2019-03-15Prevent OOB error for T2T read/writesRuchi Kandoi
Bug: 112161557 Test: Tag reading, HCE Merged-In: If170e107b172a590b53f916b12865a1839a25667 Change-Id: If170e107b172a590b53f916b12865a1839a25667 (cherry picked from commit a8d1622094dcd7a6450dbf7c3a6f6fcae5d8faaf)
2017-01-31merge in nyc-bugfix-release history after reset to ↵android-7.0.0_r35android-7.0.0_r34android-7.0.0_r33android-7.0.0_r32android-7.0.0_r31gitbuildkicker
8e1e806945c04bca625071feb15337080258e0dd
2017-01-24Fix native crash in nfc_ncif_proc_activateandroid-7.0.0_r30fang.x.chen
The destination of memcpy is allocated with a predetermined maximum length, but in some cases the length of information being copied is greater than the maximum length of the destination. This is the root cause of crash. Add length check before memcpy to avoid memory overflow Test: Repeat reading and writing tag Bug: 33434992 Bug: 32688507 Change-Id: I09ee3c734e9be38a35b1d48679d74e42e0432d78 (cherry picked from commit 09cb3b3dc46c8bab51346a4163b130857d806418)
2017-01-24merge in nyc-bugfix-release history after reset to nyc-devgitbuildkicker
2017-01-24Fix native crash in nfc_ncif_proc_activatefang.x.chen
The destination of memcpy is allocated with a predetermined maximum length, but in some cases the length of information being copied is greater than the maximum length of the destination. This is the root cause of crash. Add length check before memcpy to avoid memory overflow Test: Repeat reading and writing tag Bug: 33434992 Bug: 32688507 Change-Id: I09ee3c734e9be38a35b1d48679d74e42e0432d78 (cherry picked from commit 09cb3b3dc46c8bab51346a4163b130857d806418)
2016-06-14Retry system calls on EINTR.android-cts-7.0_r9android-cts-7.0_r8android-cts-7.0_r7android-cts-7.0_r6android-cts-7.0_r5android-cts-7.0_r4android-cts-7.0_r33android-cts-7.0_r32android-cts-7.0_r31android-cts-7.0_r30android-cts-7.0_r3android-cts-7.0_r29android-cts-7.0_r28android-cts-7.0_r27android-cts-7.0_r26android-cts-7.0_r25android-cts-7.0_r24android-cts-7.0_r23android-cts-7.0_r22android-cts-7.0_r21android-cts-7.0_r20android-cts-7.0_r2android-cts-7.0_r19android-cts-7.0_r18android-cts-7.0_r17android-cts-7.0_r16android-cts-7.0_r15android-cts-7.0_r14android-cts-7.0_r13android-cts-7.0_r12android-cts-7.0_r11android-cts-7.0_r10android-cts-7.0_r1android-7.0.0_r9android-7.0.0_r8android-7.0.0_r7android-7.0.0_r6android-7.0.0_r5android-7.0.0_r4android-7.0.0_r3android-7.0.0_r29android-7.0.0_r28android-7.0.0_r27android-7.0.0_r24android-7.0.0_r21android-7.0.0_r19android-7.0.0_r17android-7.0.0_r15android-7.0.0_r14android-7.0.0_r13android-7.0.0_r12android-7.0.0_r11android-7.0.0_r10android-7.0.0_r1nougat-releasenougat-devnougat-cts-releasenougat-bugfix-releaseMartijn Coenen
Bug: 28792238 Change-Id: Iaeb03a5be6d04cbc8dcf838ed7a0489d790e0028
2016-05-11Free memory in case of error responseJizhou Liao
In case of NFC_DATA_CEVT with error response, p_data is allocated as p_msg from nfc_main_hal_data_cback(), here to free this buffer to avoid memory leak. Bug: 28181917 Change-Id: I74bbb5c2f7956eb246b38c25a1e8c56922ee56ab
2016-04-25Update customized settings to eeprom after firmware downloadJizhou Liao
The customized RF, clock settings have to be updated to eeprom after firmware download Bug: 28181917 Change-Id: I5261590206b0cc15587fc8c6ea240b97b91da429
2016-02-22Swap LF_T3T_FLAGS bytes for PN548Jizhou Liao
PN548 firmware implements LF_T3T_FLAGS in big endian. As NCI spec required, it should present as little endian. This patch is a workaround to swap LF_T3T_FLAGS byte from little endian to big endian. Bug: 22379408
2016-02-04Merge "Set RC=1 when only polling for T3T." am: 68f7145da1Martijn Coenen
am: 3f75b3a6c9 * commit '3f75b3a6c9789c329139a4f2c76e4c729215217c': Set RC=1 when only polling for T3T.
2016-02-04Merge "Set RC=1 when only polling for T3T."Martijn Coenen
am: 68f7145da1 * commit '68f7145da1fafd91cd5500f219008a1921f54a01': Set RC=1 when only polling for T3T.
2016-02-04Merge "Set RC=1 when only polling for T3T."Martijn Coenen
2016-02-03Set RC=1 when only polling for T3T.Martijn Coenen
According to the NFC Forum Activity spec, controllers must: 1) Poll with RC=0 and SC=FFFF to find NFC-DEP targets 2) Poll with RC=1 and SC=FFFF to find T3T targets Many controllers don't do this yet, and seem to be activating NFC-DEP by default. We can at least fix the scenario where we're not interested in NFC-DEP, by setting RC=1 in that case. Otherwise, keep the default of RC=0. Change-Id: Icc27950c38bf0b0a10fc1325e85e4a526557b641
2016-01-22Merge "libnfc-nci: silence some uninteresting warnings." am: 25fcb25880Elliott Hughes
am: 393c91f7f6 * commit '393c91f7f6effc7c84d0635918cf872df6fa718b': libnfc-nci: silence some uninteresting warnings.
2016-01-22Merge "libnfc-nci: silence some uninteresting warnings."Elliott Hughes
am: 25fcb25880 * commit '25fcb2588094bc08b9b4a96eb0e2442bcf782ad7': libnfc-nci: silence some uninteresting warnings.
2016-01-22Merge "libnfc-nci: silence some uninteresting warnings."Elliott Hughes
2016-01-21libnfc-nci: silence some uninteresting warnings.Elliott Hughes
Change-Id: I24c65e8d5fbe80e23d3469a55efe4469c251530c
2016-01-08Merge "Implementation of HCE for NFC-F." am: ae2dabbe32Martijn Coenen
am: 53494e7730 * commit '53494e77309c2ebe58cf8b6347e51ed5494617b3': Implementation of HCE for NFC-F.
2016-01-08Merge "Implementation of HCE for NFC-F."Martijn Coenen
am: ae2dabbe32 * commit 'ae2dabbe3237514bf7398333026840d36f458505': Implementation of HCE for NFC-F.
2016-01-08Merge "Implementation of HCE for NFC-F."Martijn Coenen
2015-11-25Merge "Fix rf discover notification type." am: 7d7160dda3 am: dc0e6b6249Martijn Coenen
am: ca3f49d6e0 * commit 'ca3f49d6e019def467d61fe1996574f4c08f5573': Fix rf discover notification type.
2015-11-25Merge "Fix rf discover notification type." am: 7d7160dda3Martijn Coenen
am: dc0e6b6249 * commit 'dc0e6b62493b650bed4a26f55a61f50bebf7121c': Fix rf discover notification type.
2015-11-25Merge "Fix rf discover notification type."Martijn Coenen
am: 7d7160dda3 * commit '7d7160dda3b206c4135a0bff1299d2f8d7bfe5ed': Fix rf discover notification type.
2015-11-25Merge "Fix rf discover notification type."Martijn Coenen
2015-11-24Fix rf discover notification type.Martijn Coenen
Should be a UINT8; fix the JNI instead. Change-Id: I0d4fda2015ac0cb9aa517ce01608181a8d59fa84
2015-11-05Don\'t free memory that shouldn\'t be freed. am: 633b73f890 am: 53b8f70e4bMartijn Coenen
am: 5a920b2da9 * commit '5a920b2da9c8a53a6c79567f767af61b8463555e': Don't free memory that shouldn't be freed.
2015-11-05Don\'t free memory that shouldn\'t be freed. am: 633b73f890Martijn Coenen
am: 53b8f70e4b * commit '53b8f70e4bb222b85f904f26cc04076242e9244c': Don't free memory that shouldn't be freed.
2015-11-05Don\'t free memory that shouldn\'t be freed.android-6.0.1_r68android-6.0.1_r67android-6.0.1_r62android-6.0.1_r54android-6.0.1_r53android-6.0.1_r45android-6.0.1_r25android-6.0.1_r24android-6.0.1_r22android-6.0.1_r21marshmallow-dr1.6-releasemarshmallow-dr1.5-releasemarshmallow-dr1.5-devMartijn Coenen
am: 633b73f890 * commit '633b73f8909c8bc52868848399d61fa3b8df3e72': Don't free memory that shouldn't be freed.
2015-11-05Merge "Don\'t free memory that shouldn\'t be freed." am: c4ea0a696e am: ↵Martijn Coenen
30af63ccfe am: 5656a6b488 * commit '5656a6b488ae84bbd80f13f8ff1007134c328f50': Don't free memory that shouldn't be freed.
2015-11-05Merge "Don\'t free memory that shouldn\'t be freed." am: c4ea0a696eMartijn Coenen
am: 30af63ccfe * commit '30af63ccfe160852e82e71f253b7c14986eb8fd5': Don't free memory that shouldn't be freed.
2015-11-05Merge "Don\'t free memory that shouldn\'t be freed."Martijn Coenen
am: c4ea0a696e * commit 'c4ea0a696e0d09c1f69d629e1aa5d49de63d7b1e': Don't free memory that shouldn't be freed.
2015-11-05Merge "Don't free memory that shouldn't be freed."Martijn Coenen
2015-11-05Don't free memory that shouldn't be freed.Martijn Coenen
In case of NFC_ERROR_CEVT, p_data is just a pointer to an uint8_t, and doesn't contain data that needs to be freed. Note that there's a fall-through from NFC_DATA_CEVT above which warrants further investigation, but for now this is the safe fix. Bug: 25489121 Change-Id: Ibab5b42ca9defca04b2310c8d9a441c89f0f722d
2015-11-05Don't free memory that shouldn't be freed.android-6.0.1_r63android-6.0.1_r55android-6.0.1_r5android-6.0.1_r4android-6.0.1_r33android-6.0.1_r32android-6.0.1_r31android-6.0.1_r18android-6.0.1_r16marshmallow-dr-dragon-releaseMartijn Coenen
In case of NFC_ERROR_CEVT, p_data is just a pointer to an uint8_t, and doesn't contain data that needs to be freed. Note that there's a fall-through from NFC_DATA_CEVT above which warrants further investigation, but for now this is the safe fix. Bug: 25489121 Change-Id: Ibab5b42ca9defca04b2310c8d9a441c89f0f722d
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-27 08:46:38 +0000