NimBLEScan increment m_callbackSent before callback.

Fixes heap corruption observed on CONFIG_HEAP_POISONING_COMPREHENSIVE.
This commit is contained in:
thekurtovic 2024-12-25 10:17:50 -05:00 committed by h2zero
parent da48844e2f
commit dc53052411

View file

@ -119,19 +119,19 @@ int NimBLEScan::handleGapEvent(ble_gap_event* event, void* arg) {
} }
if (!advertisedDevice->m_callbackSent) { if (!advertisedDevice->m_callbackSent) {
pScan->m_pScanCallbacks->onDiscovered(advertisedDevice);
advertisedDevice->m_callbackSent++; advertisedDevice->m_callbackSent++;
pScan->m_pScanCallbacks->onDiscovered(advertisedDevice);
} }
// If not active scanning or scan response is not available // If not active scanning or scan response is not available
// or extended advertisement scanning, report the result to the callback now. // or extended advertisement scanning, report the result to the callback now.
if (pScan->m_scanParams.passive || !isLegacyAdv || !advertisedDevice->isScannable()) { if (pScan->m_scanParams.passive || !isLegacyAdv || !advertisedDevice->isScannable()) {
pScan->m_pScanCallbacks->onResult(advertisedDevice);
advertisedDevice->m_callbackSent++; advertisedDevice->m_callbackSent++;
pScan->m_pScanCallbacks->onResult(advertisedDevice);
} else if (isLegacyAdv && event_type == BLE_HCI_ADV_RPT_EVTYPE_SCAN_RSP) { } else if (isLegacyAdv && event_type == BLE_HCI_ADV_RPT_EVTYPE_SCAN_RSP) {
advertisedDevice->m_callbackSent++;
// got the scan response report the full data. // got the scan response report the full data.
pScan->m_pScanCallbacks->onResult(advertisedDevice); pScan->m_pScanCallbacks->onResult(advertisedDevice);
advertisedDevice->m_callbackSent++;
} }
// If not storing results and we have invoked the callback, delete the device. // If not storing results and we have invoked the callback, delete the device.