* [PATCH BlueZ 0/4] [v3] Fix few more bugs found by SVACE
@ 2022-05-07 17:35 Ildar Kamaletdinov
From: Ildar Kamaletdinov @ 2022-05-07 17:35 UTC
To: linux-bluetooth; +Cc: Ildar Kamaletdinov

This patch set includes a few fixes for bugs that were found by
Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.

Changelog:
[v3] Removed trailing whitespace (style issue).
[v2] Some minor style changes after CI check.
[v1] Initial version.

Ildar Kamaletdinov (4):
  tools: Fix memory leak in hciconfig
  tools: Fix memory leaks in btgatt-server/client
  tools: Fix handle leak in rfcomm
  device: Fix uninitialized value usage

 src/device.c          | 3 ++-
 tools/btgatt-client.c | 6 +++++-
 tools/btgatt-server.c | 5 ++++-
 tools/hciconfig.c     | 6 +++++-
 tools/rfcomm.c        | 4 ++++
 5 files changed, 20 insertions(+), 4 deletions(-)

--
2.35.3
* [PATCH BlueZ 1/4] tools: Fix memory leak in hciconfig 2022-05-07 17:35 [PATCH BlueZ 0/4] [v3] Fix few more bugs found by SVACE Ildar Kamaletdinov @ 2022-05-07 17:35 ` Ildar Kamaletdinov 2022-05-07 20:16 ` Fix few more bugs found by SVACE bluez.test.bot 2022-05-07 17:35 ` [PATCH BlueZ 2/4] tools: Fix memory leaks in btgatt-server/client Ildar Kamaletdinov ` (3 subsequent siblings) 4 siblings, 1 reply; 9+ messages in thread From: Ildar Kamaletdinov @ 2022-05-07 17:35 UTC (permalink / raw) To: linux-bluetooth; +Cc: Ildar Kamaletdinov printf() was using function that return dynamic allocated memory as a parameter. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. --- tools/hciconfig.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tools/hciconfig.c b/tools/hciconfig.c index e4d521583..a1c615bfa 100644 --- a/tools/hciconfig.c +++ b/tools/hciconfig.c @@ -80,7 +80,11 @@ static void print_pkt_type(struct hci_dev_info *di) static void print_link_policy(struct hci_dev_info *di) { - printf("\tLink policy: %s\n", hci_lptostr(di->link_policy)); + char *str; + + str = hci_lptostr(di->link_policy); + printf("\tLink policy: %s\n", str); + bt_free(str); } static void print_link_mode(struct hci_dev_info *di) -- 2.35.3 ^ permalink raw reply related [flat|nested] 9+ messages in thread
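Review bot: in print_link_policy() the result of hci_lptostr() goes straight into the %s conversion with no NULL check; if that helper can fail to allocate, printf() receives a null pointer. Consider `if (!str) return;` (or printing a fallback string) before the printf() call. The commit message could also name the leaking call, hci_lptostr(), so the fix is easy to find later.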
* RE: Fix few more bugs found by SVACE
@ 2022-05-07 20:16 bluez.test.bot
From: bluez.test.bot @ 2022-05-07 20:16 UTC
To: linux-bluetooth, i.kamaletdinov

This is an automated email; please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
These are the CI test results for your patch series:
PW Link: https://patchwork.kernel.org/project/bluetooth/list/?series=639429

---Test result---

Test Summary:
CheckPatch                      PASS      5.75 seconds
GitLint                         PASS      4.05 seconds
Prep - Setup ELL                PASS      45.04 seconds
Build - Prep                    PASS      0.68 seconds
Build - Configure               PASS      8.92 seconds
Build - Make                    PASS      1359.48 seconds
Make Check                      PASS      11.38 seconds
Make Check w/Valgrind           PASS      460.06 seconds
Make Distcheck                  PASS      246.02 seconds
Build w/ext ELL - Configure     PASS      8.85 seconds
Build w/ext ELL - Make          PASS      1354.51 seconds
Incremental Build with patches  PASS      5536.54 seconds

---
Regards,
Linux Bluetooth
* [PATCH BlueZ 2/4] tools: Fix memory leaks in btgatt-server/client 2022-05-07 17:35 [PATCH BlueZ 0/4] [v3] Fix few more bugs found by SVACE Ildar Kamaletdinov 2022-05-07 17:35 ` [PATCH BlueZ 1/4] tools: Fix memory leak in hciconfig Ildar Kamaletdinov @ 2022-05-07 17:35 ` Ildar Kamaletdinov 2022-05-07 17:35 ` [PATCH BlueZ 3/4] tools: Fix handle leak in rfcomm Ildar Kamaletdinov ` (2 subsequent siblings) 4 siblings, 0 replies; 9+ messages in thread From: Ildar Kamaletdinov @ 2022-05-07 17:35 UTC (permalink / raw) To: linux-bluetooth; +Cc: Ildar Kamaletdinov According to man buffer allocated by getline() should be freed by the user program even if getline() failed. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. --- tools/btgatt-client.c | 6 +++++- tools/btgatt-server.c | 5 ++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/tools/btgatt-client.c b/tools/btgatt-client.c index 8c9365aa2..58a03bd48 100644 --- a/tools/btgatt-client.c +++ b/tools/btgatt-client.c @@ -1355,12 +1355,16 @@ static void prompt_read_cb(int fd, uint32_t events, void *user_data) return; } - if ((read = getline(&line, &len, stdin)) == -1) + read = getline(&line, &len, stdin); + if (read < 0) { + free(line); return; + } if (read <= 1) { cmd_help(cli, NULL); print_prompt(); + free(line); return; } diff --git a/tools/btgatt-server.c b/tools/btgatt-server.c index 4a5d2b720..90a6c9b0a 100644 --- a/tools/btgatt-server.c +++ b/tools/btgatt-server.c @@ -1080,12 +1080,15 @@ static void prompt_read_cb(int fd, uint32_t events, void *user_data) } read = getline(&line, &len, stdin); - if (read < 0) + if (read < 0) { + free(line); return; + } if (read <= 1) { cmd_help(server, NULL); print_prompt(); + free(line); return; } -- 2.35.3 ^ permalink raw reply related [flat|nested] 9+ messages in thread
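Review bot: in the tools/btgatt-client.c hunk, free(line) is now repeated on both early returns of prompt_read_cb(), so every return added later has to remember it too. A single exit path (for example `goto done;` ending in `free(line);`) would keep the ownership rule from the commit message, that the getline() buffer is always the caller's to free, in one place.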
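Review bot: in the tools/btgatt-server.c hunk, the declarations of line and len fall outside the visible context; confirm they are locals reset to NULL and 0 on each call. If either is static, freeing line on the `read < 0` and `read <= 1` paths without clearing it would hand a dangling pointer to the next getline() call.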
* [PATCH BlueZ 3/4] tools: Fix handle leak in rfcomm 2022-05-07 17:35 [PATCH BlueZ 0/4] [v3] Fix few more bugs found by SVACE Ildar Kamaletdinov 2022-05-07 17:35 ` [PATCH BlueZ 1/4] tools: Fix memory leak in hciconfig Ildar Kamaletdinov 2022-05-07 17:35 ` [PATCH BlueZ 2/4] tools: Fix memory leaks in btgatt-server/client Ildar Kamaletdinov @ 2022-05-07 17:35 ` Ildar Kamaletdinov 2022-05-07 17:35 ` [PATCH BlueZ 4/4] device: Fix uninitialized value usage Ildar Kamaletdinov 2022-05-09 20:10 ` [PATCH BlueZ 0/4] [v3] Fix few more bugs found by SVACE patchwork-bot+bluetooth 4 siblings, 0 replies; 9+ messages in thread From: Ildar Kamaletdinov @ 2022-05-07 17:35 UTC (permalink / raw) To: linux-bluetooth; +Cc: Ildar Kamaletdinov Some branches of execution can make handle (socket) leakage. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. --- tools/rfcomm.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/rfcomm.c b/tools/rfcomm.c index cd520aa44..e013ff588 100644 --- a/tools/rfcomm.c +++ b/tools/rfcomm.c @@ -298,6 +298,7 @@ static void cmd_connect(int ctl, int dev, bdaddr_t *bdaddr, int argc, char **arg if (setsockopt(sk, SOL_SOCKET, SO_LINGER, &l, sizeof(l)) < 0) { perror("Can't set linger option"); + close(sk); return; } } @@ -466,6 +467,7 @@ static void cmd_listen(int ctl, int dev, bdaddr_t *bdaddr, int argc, char **argv if (getsockname(nsk, (struct sockaddr *)&laddr, &alen) < 0) { perror("Can't get RFCOMM socket name"); close(nsk); + close(sk); return; } @@ -475,6 +477,7 @@ static void cmd_listen(int ctl, int dev, bdaddr_t *bdaddr, int argc, char **argv if (setsockopt(nsk, SOL_SOCKET, SO_LINGER, &l, sizeof(l)) < 0) { perror("Can't set linger option"); close(nsk); + close(sk); return; } } 
@@ -490,6 +493,7 @@ static void cmd_listen(int ctl, int dev, bdaddr_t *bdaddr, int argc, char **argv dev = ioctl(nsk, RFCOMMCREATEDEV, &req); if (dev < 0) { perror("Can't create RFCOMM TTY"); + close(nsk); close(sk); return; } -- 2.35.3 ^ permalink raw reply related [flat|nested] 9+ messages in thread
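Review bot: in cmd_listen() three separate failure branches (getsockname(), SO_LINGER, RFCOMMCREATEDEV) now each carry their own close(nsk) and close(sk) calls, which is the same hand-maintained pattern that let the descriptors leak before. Routing those branches through one cleanup label that closes both sockets would make any branch added later safe by construction. The commit message says only "some branches"; naming the affected functions, cmd_connect() and cmd_listen(), would help anyone backporting the fix.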
* [PATCH BlueZ 4/4] device: Fix uninitialized value usage 2022-05-07 17:35 [PATCH BlueZ 0/4] [v3] Fix few more bugs found by SVACE Ildar Kamaletdinov ` (2 preceding siblings ...) 2022-05-07 17:35 ` [PATCH BlueZ 3/4] tools: Fix handle leak in rfcomm Ildar Kamaletdinov @ 2022-05-07 17:35 ` Ildar Kamaletdinov 2022-05-09 20:10 ` [PATCH BlueZ 0/4] [v3] Fix few more bugs found by SVACE patchwork-bot+bluetooth 4 siblings, 0 replies; 9+ messages in thread From: Ildar Kamaletdinov @ 2022-05-07 17:35 UTC (permalink / raw) To: linux-bluetooth; +Cc: Ildar Kamaletdinov Definitely `dbus_bool_t b;` must be initialized before comparing it with current value. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. --- src/device.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/device.c b/src/device.c index 6da5c380b..7114e1b3e 100644 --- a/src/device.c +++ b/src/device.c @@ -1568,6 +1568,8 @@ static void dev_property_set_wake_allowed(const GDBusPropertyTable *property, return; } + dbus_message_iter_get_basic(value, &b); + /* Emit busy or success depending on current value. */ if (b == device->pending_wake_allowed) { if (device->wake_allowed == device->pending_wake_allowed) @@ -1580,7 +1582,6 @@ static void dev_property_set_wake_allowed(const GDBusPropertyTable *property, return; } - dbus_message_iter_get_basic(value, &b); device_set_wake_override(device, b); device_set_wake_allowed(device, b, id); } -- 2.35.3 ^ permalink raw reply related [flat|nested] 9+ messages in thread
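Review bot: in dev_property_set_wake_allowed() the relocated dbus_message_iter_get_basic(value, &b) now sits directly after an early return whose condition is outside the visible context; confirm that check rejects any value that is not a boolean, because get_basic() writes into b according to the iterator's actual type. The commit message should also state the effect of the old ordering: the `b == device->pending_wake_allowed` comparison read an indeterminate stack value, so the busy-or-success decision did not depend on what the caller sent.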
* Re: [PATCH BlueZ 0/4] [v3] Fix few more bugs found by SVACE
@ 2022-05-09 20:10 patchwork-bot+bluetooth
From: patchwork-bot+bluetooth @ 2022-05-09 20:10 UTC
To: Ildar Kamaletdinov; +Cc: linux-bluetooth

Hello:

This series was applied to bluetooth/bluez.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@intel.com>:

On Sat, 7 May 2022 20:35:01 +0300 you wrote:
> This patch set includes a few fixes for bugs that were found by
> Linux Verification Center (linuxtesting.org) with the SVACE static
> analysis tool.
>
> Changelog:
> [v3] Removed trailing whitespace (style issue).
> [v2] Some minor style changes after CI check.
> [v1] Initial version.
>
> [...]

Here is the summary with links:
  - [BlueZ,1/4] tools: Fix memory leak in hciconfig
    https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=efa90050937c
  - [BlueZ,2/4] tools: Fix memory leaks in btgatt-server/client
    https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=a4741ef4bf6c
  - [BlueZ,3/4] tools: Fix handle leak in rfcomm
    https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=e9ec1cf8715d
  - [BlueZ,4/4] device: Fix uninitialized value usage
    https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=42e9b8db92d5

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html

* [PATCH BlueZ 0/4] [v2] Fix few more bugs found by SVACE
@ 2022-05-07 17:06 Ildar Kamaletdinov
From: Ildar Kamaletdinov @ 2022-05-07 17:06 UTC
To: linux-bluetooth; +Cc: Ildar Kamaletdinov

This patch set includes a few fixes for bugs that were found by
Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.

Changelog:
[v2] some minor style changes after CI check.
[v1] initial version.

Ildar Kamaletdinov (4):
  tools: Fix memory leak in hciconfig
  tools: Fix memory leaks in btgatt-server/client
  tools: Fix handle leak in rfcomm
  device: Fix uninitialized value usage

 src/device.c          | 3 ++-
 tools/btgatt-client.c | 6 +++++-
 tools/btgatt-server.c | 5 ++++-
 tools/hciconfig.c     | 6 +++++-
 tools/rfcomm.c        | 4 ++++
 5 files changed, 20 insertions(+), 4 deletions(-)

--
2.35.3
* [PATCH BlueZ 2/4] tools: Fix memory leaks in btgatt-server/client 2022-05-07 17:06 [PATCH BlueZ 0/4] [v2] " Ildar Kamaletdinov @ 2022-05-07 17:07 ` Ildar Kamaletdinov 0 siblings, 0 replies; 9+ messages in thread From: Ildar Kamaletdinov @ 2022-05-07 17:07 UTC (permalink / raw) To: linux-bluetooth; +Cc: Ildar Kamaletdinov According to man buffer allocated by getline() should be freed by the user program even if getline() failed. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. --- tools/btgatt-client.c | 6 +++++- tools/btgatt-server.c | 5 ++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/tools/btgatt-client.c b/tools/btgatt-client.c index 8c9365aa2..58a03bd48 100644 --- a/tools/btgatt-client.c +++ b/tools/btgatt-client.c @@ -1355,12 +1355,16 @@ static void prompt_read_cb(int fd, uint32_t events, void *user_data) return; } - if ((read = getline(&line, &len, stdin)) == -1) + read = getline(&line, &len, stdin); + if (read < 0) { + free(line); return; + } if (read <= 1) { cmd_help(cli, NULL); print_prompt(); + free(line); return; } diff --git a/tools/btgatt-server.c b/tools/btgatt-server.c index 4a5d2b720..90a6c9b0a 100644 --- a/tools/btgatt-server.c +++ b/tools/btgatt-server.c @@ -1080,12 +1080,15 @@ static void prompt_read_cb(int fd, uint32_t events, void *user_data) } read = getline(&line, &len, stdin); - if (read < 0) + if (read < 0) { + free(line); return; + } if (read <= 1) { cmd_help(server, NULL); print_prompt(); + free(line); return; } -- 2.35.3 ^ permalink raw reply related [flat|nested] 9+ messages in thread
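Review bot: the variable assigned from getline() in both prompt_read_cb() hunks is named read, which shadows read(2) inside the function. Since the client hunk rewrites that statement anyway, renaming the variable (for example to `nread`) in the same change would remove the shadowing and make the `read < 0` and `read <= 1` tests easier to tell apart from a call.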
* [PATCH BlueZ 0/4] Fix few more bugs found by SVACE
@ 2022-05-07 15:06 Ildar Kamaletdinov
From: Ildar Kamaletdinov @ 2022-05-07 15:06 UTC
To: linux-bluetooth; +Cc: Ildar Kamaletdinov

This patch set includes a few fixes for bugs that were found by
Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.

Ildar Kamaletdinov (4):
  tools: Fix memory leak in hciconfig
  tools: Fix memory leaks in btgatt-server/client
  tools: Fix handle leak in rfcomm
  device: Fix uninitialized value usage

 src/device.c          | 3 ++-
 tools/btgatt-client.c | 5 ++++-
 tools/btgatt-server.c | 5 ++++-
 tools/hciconfig.c     | 5 ++++-
 tools/rfcomm.c        | 4 ++++
 5 files changed, 18 insertions(+), 4 deletions(-)

--
2.35.3
* [PATCH BlueZ 2/4] tools: Fix memory leaks in btgatt-server/client 2022-05-07 15:06 [PATCH BlueZ 0/4] Fix few more bugs found by SVACE Ildar Kamaletdinov @ 2022-05-07 15:06 ` Ildar Kamaletdinov 0 siblings, 0 replies; 9+ messages in thread From: Ildar Kamaletdinov @ 2022-05-07 15:06 UTC (permalink / raw) To: linux-bluetooth; +Cc: Ildar Kamaletdinov According to man buffer allocated by getline() should be freed by the user program even if getline() failed. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. --- tools/btgatt-client.c | 5 ++++- tools/btgatt-server.c | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/tools/btgatt-client.c b/tools/btgatt-client.c index 8c9365aa2..9447062fb 100644 --- a/tools/btgatt-client.c +++ b/tools/btgatt-client.c @@ -1355,12 +1355,15 @@ static void prompt_read_cb(int fd, uint32_t events, void *user_data) return; } - if ((read = getline(&line, &len, stdin)) == -1) + if ((read = getline(&line, &len, stdin)) == -1) { + free(line); return; + } if (read <= 1) { cmd_help(cli, NULL); print_prompt(); + free(line); return; } diff --git a/tools/btgatt-server.c b/tools/btgatt-server.c index 4a5d2b720..90a6c9b0a 100644 --- a/tools/btgatt-server.c +++ b/tools/btgatt-server.c @@ -1080,12 +1080,15 @@ static void prompt_read_cb(int fd, uint32_t events, void *user_data) } read = getline(&line, &len, stdin); - if (read < 0) + if (read < 0) { + free(line); return; + } if (read <= 1) { cmd_help(server, NULL); print_prompt(); + free(line); return; } -- 2.35.3 ^ permalink raw reply related [flat|nested] 9+ messages in thread
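Review bot: the tools/btgatt-client.c hunk keeps the assignment inside the condition, `if ((read = getline(&line, &len, stdin)) == -1)`, and tests for -1 while the server hunk in the same patch tests `read < 0`. Split the call from the test and use the same `< 0` comparison in both files so the two prompt_read_cb() implementations handle a getline() failure identically.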