From 381dcbd8f6f67883b0a7cc82a62380882e0c4ce3 Mon Sep 17 00:00:00 2001
From: Alex Blasche <alexander.blasche@theqtcompany.com>
Date: Mon, 6 Jul 2015 15:58:28 +0200
Subject: Cut high bits from QLECharacteristic::PropertyTypes

The enum value is 32 bit. the field we are reading is 8bit. Ensure that
the higher bits are always set to 0.

Change-Id: I317a877e23645c2785fd75e38494103f2272d2cd
Reviewed-by: Timur Pocheptsov <Timur.Pocheptsov@digia.com>
---
 src/bluetooth/qlowenergycontroller_bluez.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/bluetooth/qlowenergycontroller_bluez.cpp b/src/bluetooth/qlowenergycontroller_bluez.cpp
index bb490ba9..0654bda1 100644
--- a/src/bluetooth/qlowenergycontroller_bluez.cpp
+++ b/src/bluetooth/qlowenergycontroller_bluez.cpp
@@ -478,7 +478,7 @@ QLowEnergyHandle parseReadByTypeCharDiscovery(
 
     QLowEnergyHandle attributeHandle = bt_get_le16(&data[0]);
     charData->properties =
-            (QLowEnergyCharacteristic::PropertyTypes)data[2];
+            (QLowEnergyCharacteristic::PropertyTypes)(data[2] & 0xff);
     charData->valueHandle = bt_get_le16(&data[3]);
 
     if (elementLength == 7) // 16 bit uuid
-- 
cgit v1.2.3


From 06f04ba7aa619a722a6c4eaa11e49a1c0ed6a240 Mon Sep 17 00:00:00 2001
From: Alex Blasche <alexander.blasche@theqtcompany.com>
Date: Tue, 7 Jul 2015 14:06:47 +0200
Subject: Do not cut 32bit value down to 16bit

handledata contains a 16bit char handle in the lower bits and
may contains a 16bit descriptor handle in its upper 16 bits.
When doing blob read requests for descriptors the upper 16 bit
may be cut off and the descriptor read turns into a characteristic
read. In turn this switches the internal
state of the service discovery state machine causing an endless loop
between descriptor and characteristic reads.

Change-Id: Ia66f230e8fb018da51c3ce32db936d02a0b195b8
Task-number: QTBUG-47028
Reviewed-by: Timur Pocheptsov <Timur.Pocheptsov@digia.com>
---
 src/bluetooth/qlowenergycontroller_bluez.cpp | 2 +-
 src/bluetooth/qlowenergycontroller_p.h       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/bluetooth/qlowenergycontroller_bluez.cpp b/src/bluetooth/qlowenergycontroller_bluez.cpp
index 0654bda1..a35545b0 100644
--- a/src/bluetooth/qlowenergycontroller_bluez.cpp
+++ b/src/bluetooth/qlowenergycontroller_bluez.cpp
@@ -1222,7 +1222,7 @@ void QLowEnergyControllerPrivate::readServiceValues(
     starting the next read request.
  */
 void QLowEnergyControllerPrivate::readServiceValuesByOffset(
-        quint16 handleData, quint16 offset, bool isLastValue)
+        uint handleData, quint16 offset, bool isLastValue)
 {
     const QLowEnergyHandle charHandle = (handleData & 0xffff);
     const QLowEnergyHandle descriptorHandle = ((handleData >> 16) & 0xffff);
diff --git a/src/bluetooth/qlowenergycontroller_p.h b/src/bluetooth/qlowenergycontroller_p.h
index bb26a538..810f0ff4 100644
--- a/src/bluetooth/qlowenergycontroller_p.h
+++ b/src/bluetooth/qlowenergycontroller_p.h
@@ -173,7 +173,7 @@ private:
     void sendReadValueRequest(QLowEnergyHandle attributeHandle, bool isDescriptor);
     void readServiceValues(const QBluetoothUuid &service,
                            bool readCharacteristics);
-    void readServiceValuesByOffset(quint16 handleData, quint16 offset,
+    void readServiceValuesByOffset(uint handleData, quint16 offset,
                                    bool isLastValue);
 
     void discoverServiceDescriptors(const QBluetoothUuid &serviceUuid);
-- 
cgit v1.2.3


From 3807f631e0fee4fd2e87353b3578a580dbf8cb00 Mon Sep 17 00:00:00 2001
From: Alex Blasche <alexander.blasche@theqtcompany.com>
Date: Tue, 7 Jul 2015 16:10:06 +0200
Subject: Add debug option to sdpscanner permitting plain text output of scan
 results

Change-Id: I8b2c8931b3755306491deff51b57d1476fe87e3a
Reviewed-by: Timur Pocheptsov <Timur.Pocheptsov@digia.com>
---
 src/tools/sdpscanner/main.cpp | 34 ++++++++++++++++++++++++++++++----
 1 file changed, 30 insertions(+), 4 deletions(-)

diff --git a/src/tools/sdpscanner/main.cpp b/src/tools/sdpscanner/main.cpp
index 1efb6de2..50870651 100644
--- a/src/tools/sdpscanner/main.cpp
+++ b/src/tools/sdpscanner/main.cpp
@@ -46,9 +46,11 @@
 void usage()
 {
     fprintf(stderr, "Usage:\n");
-    fprintf(stderr, "\tsdpscanner <remote bdaddr> <local bdaddr>\n\n");
+    fprintf(stderr, "\tsdpscanner <remote bdaddr> <local bdaddr> [Options]\n\n");
     fprintf(stderr, "Performs an SDP scan on remote device, using the SDP server\n"
-                    "represented by the local Bluetooth device.\n");
+                    "represented by the local Bluetooth device.\n\n"
+                    "Options:\n"
+                    "   -p      Show scan results in human-readable form\n");
 }
 
 #define BUFFER_SIZE 1024
@@ -245,7 +247,7 @@ QByteArray parseSdpRecord(sdp_record_t *record)
 
 int main(int argc, char **argv)
 {
-    if (argc != 3) {
+    if (argc < 3) {
         usage();
         return RETURN_USAGE;
     }
@@ -266,6 +268,27 @@ int main(int argc, char **argv)
         return RETURN_INVALPARAM;
     }
 
+    bool showHumanReadable = false;
+
+    for (int i = 3; i < argc; i++) {
+        if (argv[i][0] != '-') {
+            usage();
+            return RETURN_USAGE;
+        }
+
+        switch (argv[i][1])
+        {
+        case 'p':
+            showHumanReadable = true;
+            break;
+        default:
+            fprintf(stderr, "Wrong argument: %s\n", argv[i]);
+            usage();
+            return RETURN_USAGE;
+
+        }
+    }
+
     sdp_session_t *session = sdp_connect( &local, &remote, SDP_RETRY_IF_BUSY);
     if (!session) {
         //try one more time if first time failed
@@ -314,7 +337,10 @@ int main(int argc, char **argv)
     }
 
     if (!total.isEmpty()) {
-        printf("%s", total.toBase64().constData());
+        if (showHumanReadable)
+            printf("%s", total.constData());
+        else
+            printf("%s", total.toBase64().constData());
     }
 
     sdp_close(session);
-- 
cgit v1.2.3


From adfed1222fbe73267f4a3be149d9acff158ddfa1 Mon Sep 17 00:00:00 2001
From: Alex Blasche <alexander.blasche@theqtcompany.com>
Date: Mon, 6 Jul 2015 15:10:31 +0200
Subject: Parse all char descriptions in one go

ATT_OP_READ_BY_TYPE_REQUEST may return more than one char description
per response packet. Due to a missing offset adjustment we only ever
read the first description. Subsequent description were read by
issuing a new READ_BY_TYPE request. This is very inefficient as
at worst 3 times as many requests had to be send to the device.

Change-Id: I83ca75a42425fe230926411f068112865c249061
Reviewed-by: Timur Pocheptsov <Timur.Pocheptsov@digia.com>
Reviewed-by: Alex Blasche <alexander.blasche@theqtcompany.com>
---
 src/bluetooth/qlowenergycontroller_bluez.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/bluetooth/qlowenergycontroller_bluez.cpp b/src/bluetooth/qlowenergycontroller_bluez.cpp
index a35545b0..8906eb06 100644
--- a/src/bluetooth/qlowenergycontroller_bluez.cpp
+++ b/src/bluetooth/qlowenergycontroller_bluez.cpp
@@ -672,6 +672,7 @@ void QLowEnergyControllerPrivate::processReply(
                 lastHandle = parseReadByTypeCharDiscovery(
                             &characteristic, &data[offset], elementLength);
                 p->characteristicList[lastHandle] = characteristic;
+                offset += elementLength;
             } else if (attributeType == GATT_INCLUDED_SERVICE) {
                 QList<QBluetoothUuid> includedServices;
                 lastHandle = parseReadByTypeIncludeDiscovery(
-- 
cgit v1.2.3