All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH BlueZ] device: Fix crash attempting to read Sets property
@ 2023-03-13 18:31 Luiz Augusto von Dentz
  2023-03-13 19:39 ` [BlueZ] " bluez.test.bot
  2023-03-14 19:40 ` [PATCH BlueZ] " patchwork-bot+bluetooth
  0 siblings, 2 replies; 3+ messages in thread
From: Luiz Augusto von Dentz @ 2023-03-13 18:31 UTC (permalink / raw)
  To: linux-bluetooth

From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

The following set can be observed when a sirk is exists but it is
encrypted leading to info->set to not be set:

Invalid read of size 8
   at 0x1ACDF0: append_set (device.c:1662)
   by 0x1FFEFFF7DF: ???
   by 0x1D4461: queue_foreach (queue.c:207)
   by 0x1AC8DE: dev_property_get_set (device.c:1700)
   by 0x1CF3E2: append_property (object.c:498)
   by 0x1CFA91: append_properties (object.c:527)
   by 0x1CFAFD: append_interface (object.c:542)
   by 0x48D7CEF: g_slist_foreach (gslist.c:887)
   by 0x1CF5A7: append_interfaces (object.c:1104)
   by 0x1CF5A7: append_object (object.c:1119)
   by 0x48D7CEF: g_slist_foreach (gslist.c:887)
   by 0x1CF5D0: append_object (object.c:1122)
   by 0x48D7CEF: g_slist_foreach (gslist.c:887)
 Address 0x8 is not stack'd, malloc'd or (recently) free'd
---
 src/device.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/device.c b/src/device.c
index 77b38e97a7ea..f31f2a097e07 100644
--- a/src/device.c
+++ b/src/device.c
@@ -1659,10 +1659,15 @@ static gboolean dev_property_wake_allowed_exist(
 static void append_set(void *data, void *user_data)
 {
 	struct sirk_info *info = data;
-	const char *path = btd_set_get_path(info->set);
+	const char *path;
 	DBusMessageIter *iter = user_data;
 	DBusMessageIter entry, dict;
 
+	if (!info->set)
+		return;
+
+	path = btd_set_get_path(info->set);
+
 	dbus_message_iter_open_container(iter, DBUS_TYPE_DICT_ENTRY, NULL,
 								&entry);
 
-- 
2.39.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* RE: [BlueZ] device: Fix crash attempting to read Sets property
  2023-03-13 18:31 [PATCH BlueZ] device: Fix crash attempting to read Sets property Luiz Augusto von Dentz
@ 2023-03-13 19:39 ` bluez.test.bot
  2023-03-14 19:40 ` [PATCH BlueZ] " patchwork-bot+bluetooth
  1 sibling, 0 replies; 3+ messages in thread
From: bluez.test.bot @ 2023-03-13 19:39 UTC (permalink / raw)
  To: linux-bluetooth, luiz.dentz

[-- Attachment #1: Type: text/plain, Size: 947 bytes --]

This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=729577

---Test result---

Test Summary:
CheckPatch                    PASS      0.54 seconds
GitLint                       PASS      0.36 seconds
BuildEll                      PASS      27.32 seconds
BluezMake                     PASS      871.82 seconds
MakeCheck                     PASS      11.35 seconds
MakeDistcheck                 PASS      152.15 seconds
CheckValgrind                 PASS      249.23 seconds
CheckSmatch                   PASS      337.61 seconds
bluezmakeextell               PASS      100.19 seconds
IncrementalBuild              PASS      724.58 seconds
ScanBuild                     PASS      1055.53 seconds



---
Regards,
Linux Bluetooth


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH BlueZ] device: Fix crash attempting to read Sets property
  2023-03-13 18:31 [PATCH BlueZ] device: Fix crash attempting to read Sets property Luiz Augusto von Dentz
  2023-03-13 19:39 ` [BlueZ] " bluez.test.bot
@ 2023-03-14 19:40 ` patchwork-bot+bluetooth
  1 sibling, 0 replies; 3+ messages in thread
From: patchwork-bot+bluetooth @ 2023-03-14 19:40 UTC (permalink / raw)
  To: Luiz Augusto von Dentz; +Cc: linux-bluetooth

Hello:

This patch was applied to bluetooth/bluez.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@intel.com>:

On Mon, 13 Mar 2023 11:31:21 -0700 you wrote:
> From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
> 
> The following set can be observed when a sirk is exists but it is
> encrypted leading to info->set to not be set:
> 
> Invalid read of size 8
>    at 0x1ACDF0: append_set (device.c:1662)
>    by 0x1FFEFFF7DF: ???
>    by 0x1D4461: queue_foreach (queue.c:207)
>    by 0x1AC8DE: dev_property_get_set (device.c:1700)
>    by 0x1CF3E2: append_property (object.c:498)
>    by 0x1CFA91: append_properties (object.c:527)
>    by 0x1CFAFD: append_interface (object.c:542)
>    by 0x48D7CEF: g_slist_foreach (gslist.c:887)
>    by 0x1CF5A7: append_interfaces (object.c:1104)
>    by 0x1CF5A7: append_object (object.c:1119)
>    by 0x48D7CEF: g_slist_foreach (gslist.c:887)
>    by 0x1CF5D0: append_object (object.c:1122)
>    by 0x48D7CEF: g_slist_foreach (gslist.c:887)
>  Address 0x8 is not stack'd, malloc'd or (recently) free'd
> 
> [...]

Here is the summary with links:
  - [BlueZ] device: Fix crash attempting to read Sets property
    https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=2762129212f1

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html



^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-03-14 19:40 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-13 18:31 [PATCH BlueZ] device: Fix crash attempting to read Sets property Luiz Augusto von Dentz
2023-03-13 19:39 ` [BlueZ] " bluez.test.bot
2023-03-14 19:40 ` [PATCH BlueZ] " patchwork-bot+bluetooth

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.