Uploaded image for project: 'Embedded Software & Tools'
  1. Embedded Software & Tools
  2. EXT_EP-10575

Gapbondmgr null pointer access

    XMLWordPrintable

Details

    • Bug
    • Status: Fixed
    • Medium
    • Resolution: Fixed
    • SimpleLink CC13x2-26x2 SDK BLE5 Stack
    • BLE_AGAMA-3480
    • BLE Stack BLE5-2.2.2
    • Hide
      BLE stack BLE5-2.2.3 RC2
      BLE Stack BLE5-2.2.3
      Show
      BLE stack BLE5-2.2.3 RC2 BLE Stack BLE5-2.2.3
    • CC26X2R1

    Description

      The implementation of gapBondMgr function gapBondMgrAddBond() will attempt to pass Key information to gapBondMgrSaveBond() that has not been exchanged in the pairing.
      Key exchange is configured in each devices Key Distribution List. The devices exchange Key Distribution lists in Pairing Request and Pairing Response,

      Issue was observed when attempting pairing/bonding with an iPhone 11.

      The function gapBondMgrAddBond() attempts to pass sub-elements of pSingingInfo (CSRK) and pIdentityInfo (IRK) to gapBondMgrSaveBond().

      If these Keys are not configured in Key Distribution, both of these pointers will be NULL.
      This leads to a MEMFAULT exception when attempting to access sub-elements.

      Proposed fix:

      The irk, srk, and signCounter pointers are only evaluated and passed to gapBondMgrSaveBond() if we have the Identity Info and Signing Info respective

      Attachments

        Activity

          People

            syncuser TI User
            syncuser TI User
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: