The BDB functions BDB_vFbExitAsTarget and BDB_vFbExitAsTarget in the bcb_fb_target.c SDK source incorrectly treat the provided endpoint parameter as a 1-based index rather than and endpoint ID:
BDB_vFbExitAsTarget
- Calls eZCL_WriteLocalAttributeValue, which requires an ID, not an index
- Updates local state with: aeFBState[u8SourceEndpoint - 1] = E_FB_IDLE_STATE, which requires a 1-based index.
BDB_eFbTriggerAsTarget expects a 1-based index
- Returns an error if u8Endpoint > BDB_FB_NUMBER_OF_ENDPOINTS
- As with the previous function, it calls eZCL_WriteLocalAttributeValue which requires an ID, and then udpates aeFBState assuming a 1-based index (aeFBState[u8EndPoint - 1] = E_FB_IN_PROGRESS_STATE).
These bugs are hidden when endpoint IDs are contiguous and begin at 1, which is the case in the samples.
FYI, we previously reported a similar bug in the OTA code here.
SDK Version: 2.6.15
