Index: hcidump/parser/sdp.c =================================================================== RCS file: /cvsroot/bluez/hcidump/parser/sdp.c,v retrieving revision 1.22 diff -u -r1.22 sdp.c --- hcidump/parser/sdp.c 1 Sep 2003 15:09:06 -0000 1.22 +++ hcidump/parser/sdp.c 23 Feb 2004 14:44:00 -0000 @@ -279,7 +279,7 @@ static inline void print_des(uint8_t de_type, int level, int n, struct frame *frm, int *split) { int len = frm->len; - while (len - frm->len < n ) + while ( (len - frm->len < n) && (frm->len > 0) ) print_de(level, frm, split); } @@ -328,7 +328,7 @@ static inline void print_srv_srch_pat(int level, struct frame *frm) { - int len = frm->len; + int len; int n1; int n2; @@ -336,7 +336,8 @@ printf("pat"); if (parse_de_hdr(frm, &n1) == SDP_DE_SEQ) { - while (len - frm->len <= n1 ) { + len = frm->len; + while ( (len - frm->len < n1) && (frm->len > 0) ) { if (parse_de_hdr(frm,&n2) == SDP_DE_UUID) { print_uuid(n2, frm); } else { @@ -356,14 +357,15 @@ { uint16_t attr_id; uint32_t attr_id_range; - int len = frm->len; + int len; int n1, n2; p_indent(level, frm); printf("aid(s)"); if (parse_de_hdr(frm, &n1) == SDP_DE_SEQ) { - while (len - frm->len <= n1 ) { + len = frm->len; + while ( (len - frm->len < n1) && (frm->len > 0) ) { /* Print AttributeID */ if (parse_de_hdr(frm, &n2) == SDP_DE_UINT) { char *name; @@ -398,10 +400,11 @@ { uint16_t attr_id; int n1, n2, split; - int len = frm->len; + int len; if (parse_de_hdr(frm, &n1) == SDP_DE_SEQ) { - while (len - frm->len < n1 ) { + len = frm->len; + while ( (len - frm->len < n1) && (frm->len > 0) ) { /* Print AttributeID */ if (parse_de_hdr(frm, &n2) == SDP_DE_UINT && n2 == sizeof(attr_id)) { char *name; @@ -437,8 +440,7 @@ int cnt = 0; if (parse_de_hdr(frm, &n) == SDP_DE_SEQ) { -// printf(" len 0x%x frm->len 0x%x n 0x%x\n", len, frm->len, n); - while (len - frm->len < n ) { + while ( (len - frm->len < n) && (frm->len > 0) ) { p_indent(level, 0); printf("srv rec #%d\n", cnt++); print_attr_list(level+1, frm);