host/ble_gap.c : Check allowed random address

rahult-github · rahult-github · commit 1ff031a99e59 · 2025-06-16T16:53:05.000+05:30
Add a check to validate whether the random address being set is
allowed as per spec
diff --git a/nimble/host/include/host/ble_gap.h b/nimble/host/include/host/ble_gap.h
@@ -295,6 +295,18 @@ struct hci_conn_update;
 
 /** @} */
 
+/**
+ * @defgroup Mask for checking random address validity
+ * @{
+ */
+/** Static random address check mask. */
+#define BLE_STATIC_RAND_ADDR_MASK           0xC0
+
+/** Non RPA check mask. */
+#define BLE_NON_RPA_MASK                    0x3F
+
+/** @} */
+
 /** Connection security state */
 struct ble_gap_sec_state {
     /** If connection is encrypted */
diff --git a/nimble/host/src/ble_gap.c b/nimble/host/src/ble_gap.c
@@ -3430,6 +3430,7 @@ int
 ble_gap_ext_adv_set_addr(uint8_t instance, const ble_addr_t *addr)
 {
     int rc;
+    ble_addr_t invalid_non_rpa_addr, invalid_static_rand_addr;
 
     if (instance >= BLE_ADV_INSTANCES || addr->type != BLE_ADDR_RANDOM) {
         return BLE_HS_EINVAL;
@@ -3439,6 +3440,35 @@ ble_gap_ext_adv_set_addr(uint8_t instance, const ble_addr_t *addr)
         return BLE_HS_EDISABLED;
     }
 
+    /*
+       A static address is a 48-bit randomly generated address and shall meet the following requirements:
+       The two most significant bits of the address shall be equal to 1
+       All bits of the random part of the address shall not be equal to 1
+       All bits of the random part of the address shall not be equal to 0
+     */
+
+    memset(&invalid_non_rpa_addr.val, 0xff, BLE_DEV_ADDR_LEN);
+    memset(&invalid_static_rand_addr.val, 0x00, BLE_DEV_ADDR_LEN);
+
+    if ((addr->val[5] & BLE_STATIC_RAND_ADDR_MASK) == BLE_STATIC_RAND_ADDR_MASK) {
+        invalid_static_rand_addr.val[5] = invalid_static_rand_addr.val[5] | BLE_STATIC_RAND_ADDR_MASK;
+
+	if (memcmp(invalid_non_rpa_addr.val, addr->val, BLE_DEV_ADDR_LEN) == 0 ||
+	    memcmp(invalid_static_rand_addr.val, addr->val, BLE_DEV_ADDR_LEN) == 0) {
+	    return BLE_HS_EINVAL;
+	}
+    } else if ((addr->val[5] | BLE_NON_RPA_MASK) == BLE_NON_RPA_MASK) {
+        invalid_non_rpa_addr.val[5] = invalid_non_rpa_addr.val[5] & BLE_NON_RPA_MASK;
+
+	if (memcmp(invalid_non_rpa_addr.val, addr->val, BLE_DEV_ADDR_LEN) == 0 ||
+	    memcmp(invalid_static_rand_addr.val, addr->val, BLE_DEV_ADDR_LEN) == 0) {
+	    return BLE_HS_EINVAL;
+	}
+    } else {
+	BLE_HS_LOG(ERROR, "Invalid random address \n");
+	return BLE_HS_EINVAL;
+    }
+
     ble_hs_lock();
     rc = ble_gap_ext_adv_set_addr_no_lock(instance, addr->val);
     ble_hs_unlock();
diff --git a/nimble/host/src/ble_hs_id_priv.h b/nimble/host/src/ble_hs_id_priv.h
@@ -32,6 +32,7 @@ int ble_hs_id_addr(uint8_t id_addr_type, const uint8_t **out_id_addr,
 int ble_hs_id_use_addr(uint8_t addr_type);
 void ble_hs_id_reset(void);
 void ble_hs_id_rnd_reset(void);
+bool ble_hs_id_is_rpa(const ble_addr_t *addr);
 
 #ifdef __cplusplus
 }

Original file line number	Diff line number	Diff line change
`@@ -32,6 +32,7 @@ int ble_hs_id_addr(uint8_t id_addr_type, const uint8_t **out_id_addr,`
`32`	`32`	`int ble_hs_id_use_addr(uint8_t addr_type);`
`33`	`33`	`void ble_hs_id_reset(void);`
`34`	`34`	`void ble_hs_id_rnd_reset(void);`
	`35`	`+bool ble_hs_id_is_rpa(const ble_addr_t *addr);`
`35`	`36`
`36`	`37`	`#ifdef __cplusplus`
`37`	`38`	`}`