fix: address review feedback - use InvalidPacketError and abort on buffer overflow

- att.py: raise core.InvalidPacketError instead of generic ValueError - smp.py: raise core.InvalidPacketError instead of generic ValueError - hfp.py: add MAX_BUFFER_SIZE class constant (64KB) - hfp.py: drop incoming data when it would overflow buffer instead of truncating, preserving existing partial-packet state Per review comments on PR #912 by @zxzxwu.
2026-05-09 04:08:02 +00:00 · 2026-04-16 11:24:09 -07:00
parent 0a78e7506b
commit 444f43f6a3
3 changed files with 15 additions and 6 deletions
--- a/bumble/hfp.py
+++ b/bumble/hfp.py
@@ -68,6 +68,8 @@ class HfpProtocolError(ProtocolError):

 # -----------------------------------------------------------------------------
 class HfpProtocol:
+    MAX_BUFFER_SIZE: ClassVar[int] = 65536
+
    dlc: rfcomm.DLC
    buffer: str
    lines: collections.deque
@@ -88,11 +90,17 @@ class HfpProtocol:

        logger.debug(f'<<< Data received: {data}')

+        # Drop incoming data if it would overflow the buffer; keep existing
+        # partial packet state intact so a future clean packet can still parse.
+        if len(self.buffer) + len(data) > self.MAX_BUFFER_SIZE:
+            logger.warning(
+                'HFP buffer overflow (>%d bytes), dropping incoming data',
+                self.MAX_BUFFER_SIZE,
+            )
+            return
+
        # Add to the buffer and look for lines
        self.buffer += data
-        if len(self.buffer) > 65536:
-            logger.warning("HFP buffer overflow, truncating")
-            self.buffer = self.buffer[-65536:]
        while (separator := self.buffer.find('\r')) >= 0:
            line = self.buffer[:separator].strip()
            self.buffer = self.buffer[separator + 1 :]