* [PATCH BlueZ] gatt-server: Flush notify multiple buffer when full and fix overflow
@ 2021-06-11  8:19 Sebastian Urban
  2021-06-11  8:42 ` [BlueZ] " bluez.test.bot
  0 siblings, 1 reply; 6+ messages in thread
From: Sebastian Urban @ 2021-06-11  8:19 UTC (permalink / raw)
  To: linux-bluetooth; +Cc: Sebastian Urban

This fixes the calculation of available buffer space in
bt_gatt_server_send_notification and sends pending notifications
immediately when there is no more room to add a notification.

Previously there was a buffer overflow caused by incorrect calculation
of available buffer space: data->offset can equal data->len
from a previous call to this function, leading
(data->len - data->offset) to underflow after data->offset += 2.
---
 src/shared/gatt-server.c | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/src/shared/gatt-server.c b/src/shared/gatt-server.c
index 970c35f94..e7155f16a 100644
--- a/src/shared/gatt-server.c
+++ b/src/shared/gatt-server.c
@@ -1700,20 +1700,34 @@ bool bt_gatt_server_send_notification(struct bt_gatt_server *server,
 	if (!server || (length && !value))
 		return false;
 
-	if (multiple)
+	if (multiple) {
 		data = server->nfy_mult;
 
+		/* Flush buffered data, if this request hits buffer size limit */
+		if (data && data->offset > 0 && data->len - data->offset < 4 + length) {
+			if (server->nfy_mult->id)
+				timeout_remove(server->nfy_mult->id);
+			notify_multiple(server);
+			data = NULL;
+		}
+	}
+
 	if (!data) {
 		data = new0(struct nfy_mult_data, 1);
 		data->len = bt_att_get_mtu(server->att) - 1;
 		data->pdu = malloc(data->len);
 	}
 
+	if (multiple) {
+		if (data->len - data->offset < 4 + length)
+			return false;
+	} else {
+		if (data->len - data->offset < 2 + length)
+			return false;
+	}
+
 	put_le16(handle, data->pdu + data->offset);
 	data->offset += 2;
-
-	length = MIN(data->len - data->offset, length);
-
 	if (multiple) {
 		put_le16(length, data->pdu + data->offset);
 		data->offset += 2;
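Review bot: the two new `return false` exits placed after the `if (!data)` block can leave with a `data` and `data->pdu` that this same call just allocated, and nothing in the visible lines frees them or stores them on `server` first. That applies to the non-multiple path and to the multiple path right after the flush sets `data = NULL`. Either do the size check before allocating (the limit is already known from `bt_att_get_mtu(server->att) - 1`), or free the fresh allocation on the failure path while leaving an existing `server->nfy_mult` untouched. The `malloc(data->len)` result is also used by `put_le16(handle, data->pdu + data->offset)` without a NULL check, which would be worth closing while this code is being touched. Separately, removing `length = MIN(data->len - data->offset, length);` changes an oversized value from being truncated to being rejected with `false`, in the non-multiple case too; the commit message only describes the overflow and the flush, so please state that behaviour change there so callers know to expect a failure instead of a shortened notification.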
-- 
2.25.1



* RE: [BlueZ] gatt-server: Flush notify multiple buffer when full and fix overflow
  2021-06-11  8:19 [PATCH BlueZ] gatt-server: Flush notify multiple buffer when full and fix overflow Sebastian Urban
@ 2021-06-11  8:42 ` bluez.test.bot
  0 siblings, 0 replies; 6+ messages in thread
From: bluez.test.bot @ 2021-06-11  8:42 UTC (permalink / raw)
  To: linux-bluetooth, surban


This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=498667

---Test result---

Test Summary:
CheckPatch                    FAIL      0.31 seconds
GitLint                       PASS      0.11 seconds
Prep - Setup ELL              PASS      44.15 seconds
Build - Prep                  PASS      0.10 seconds
Build - Configure             PASS      7.14 seconds
Build - Make                  PASS      189.01 seconds
Make Check                    PASS      9.48 seconds
Make Distcheck                PASS      207.31 seconds
Build w/ext ELL - Configure   PASS      6.78 seconds
Build w/ext ELL - Make        PASS      157.09 seconds

Details
##############################
Test: CheckPatch - FAIL
Desc: Run checkpatch.pl script with rule in .checkpatch.conf
Output:
gatt-server: Flush notify multiple buffer when full and fix overflow
WARNING:LONG_LINE_COMMENT: line length of 81 exceeds 80 columns
#28: FILE: src/shared/gatt-server.c:1706:
+		/* Flush buffered data, if this request hits buffer size limit */

WARNING:LONG_LINE: line length of 88 exceeds 80 columns
#29: FILE: src/shared/gatt-server.c:1707:
+		if (data && data->offset > 0 && data->len - data->offset < 4 + length) {

- total: 0 errors, 2 warnings, 38 lines checked

NOTE: For some of the reported defects, checkpatch may be able to
      mechanically convert to the typical style using --fix or --fix-inplace.

"[PATCH] gatt-server: Flush notify multiple buffer when full and fix" has style problems, please review.

NOTE: Ignored message types: COMMIT_MESSAGE COMPLEX_MACRO CONST_STRUCT FILE_PATH_CHANGES MISSING_SIGN_OFF PREFER_PACKED SPDX_LICENSE_TAG SPLIT_STRING SSCANF_TO_KSTRTO

NOTE: If any of the errors are false positives, please report
      them to the maintainer, see CHECKPATCH in MAINTAINERS.


##############################
Test: GitLint - PASS
Desc: Run gitlint with rule in .gitlint

##############################
Test: Prep - Setup ELL - PASS
Desc: Clone, build, and install ELL

##############################
Test: Build - Prep - PASS
Desc: Prepare environment for build

##############################
Test: Build - Configure - PASS
Desc: Configure the BlueZ source tree

##############################
Test: Build - Make - PASS
Desc: Build the BlueZ source tree

##############################
Test: Make Check - PASS
Desc: Run 'make check'

##############################
Test: Make Distcheck - PASS
Desc: Run distcheck to check the distribution

##############################
Test: Build w/ext ELL - Configure - PASS
Desc: Configure BlueZ source with '--enable-external-ell' configuration

##############################
Test: Build w/ext ELL - Make - PASS
Desc: Build BlueZ source with '--enable-external-ell' configuration



---
Regards,
Linux Bluetooth



* RE: [BlueZ] gatt-server: Flush notify multiple buffer when full and fix overflow
  2021-06-11 12:29 [PATCH BlueZ] " Sebastian Urban
@ 2021-06-11 12:52 ` bluez.test.bot
  0 siblings, 0 replies; 6+ messages in thread
From: bluez.test.bot @ 2021-06-11 12:52 UTC (permalink / raw)
  To: linux-bluetooth, surban


This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=498857

---Test result---

Test Summary:
CheckPatch                    PASS      0.64 seconds
GitLint                       PASS      0.13 seconds
Prep - Setup ELL              PASS      46.67 seconds
Build - Prep                  PASS      0.11 seconds
Build - Configure             PASS      8.18 seconds
Build - Make                  PASS      202.14 seconds
Make Check                    PASS      9.49 seconds
Make Distcheck                PASS      237.27 seconds
Build w/ext ELL - Configure   PASS      8.12 seconds
Build w/ext ELL - Make        PASS      188.19 seconds

Details
##############################
Test: CheckPatch - PASS
Desc: Run checkpatch.pl script with rule in .checkpatch.conf

##############################
Test: GitLint - PASS
Desc: Run gitlint with rule in .gitlint

##############################
Test: Prep - Setup ELL - PASS
Desc: Clone, build, and install ELL

##############################
Test: Build - Prep - PASS
Desc: Prepare environment for build

##############################
Test: Build - Configure - PASS
Desc: Configure the BlueZ source tree

##############################
Test: Build - Make - PASS
Desc: Build the BlueZ source tree

##############################
Test: Make Check - PASS
Desc: Run 'make check'

##############################
Test: Make Distcheck - PASS
Desc: Run distcheck to check the distribution

##############################
Test: Build w/ext ELL - Configure - PASS
Desc: Configure BlueZ source with '--enable-external-ell' configuration

##############################
Test: Build w/ext ELL - Make - PASS
Desc: Build BlueZ source with '--enable-external-ell' configuration



---
Regards,
Linux Bluetooth



* RE: [BlueZ] gatt-server: Flush notify multiple buffer when full and fix overflow
  2021-06-12  9:32 [PATCH BlueZ] " Sebastian Urban
@ 2021-06-12  9:56 ` bluez.test.bot
  0 siblings, 0 replies; 6+ messages in thread
From: bluez.test.bot @ 2021-06-12  9:56 UTC (permalink / raw)
  To: linux-bluetooth, surban


This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=499291

---Test result---

Test Summary:
CheckPatch                    PASS      0.52 seconds
GitLint                       PASS      0.12 seconds
Prep - Setup ELL              PASS      47.89 seconds
Build - Prep                  PASS      0.15 seconds
Build - Configure             PASS      8.11 seconds
Build - Make                  FAIL      10.16 seconds
Make Check                    FAIL      0.57 seconds
Make Distcheck                PASS      243.02 seconds
Build w/ext ELL - Configure   PASS      8.14 seconds
Build w/ext ELL - Make        FAIL      9.66 seconds

Details
##############################
Test: CheckPatch - PASS
Desc: Run checkpatch.pl script with rule in .checkpatch.conf

##############################
Test: GitLint - PASS
Desc: Run gitlint with rule in .gitlint

##############################
Test: Prep - Setup ELL - PASS
Desc: Clone, build, and install ELL

##############################
Test: Build - Prep - PASS
Desc: Prepare environment for build

##############################
Test: Build - Configure - PASS
Desc: Configure the BlueZ source tree

##############################
Test: Build - Make - FAIL
Desc: Build the BlueZ source tree
Output:
src/shared/gatt-server.c:1693:6: error: no previous declaration for ‘notify_append_le16’ [-Werror=missing-declarations]
 1693 | bool notify_append_le16(struct nfy_mult_data *data, uint16_t value)
      |      ^~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[1]: *** [Makefile:6955: src/shared/gatt-server.lo] Error 1
make: *** [Makefile:4134: all] Error 2


##############################
Test: Make Check - FAIL
Desc: Run 'make check'
Output:
src/shared/gatt-server.c:1693:6: error: no previous declaration for ‘notify_append_le16’ [-Werror=missing-declarations]
 1693 | bool notify_append_le16(struct nfy_mult_data *data, uint16_t value)
      |      ^~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[1]: *** [Makefile:6955: src/shared/gatt-server.lo] Error 1
make: *** [Makefile:10406: check] Error 2


##############################
Test: Make Distcheck - PASS
Desc: Run distcheck to check the distribution

##############################
Test: Build w/ext ELL - Configure - PASS
Desc: Configure BlueZ source with '--enable-external-ell' configuration

##############################
Test: Build w/ext ELL - Make - FAIL
Desc: Build BlueZ source with '--enable-external-ell' configuration
Output:
src/shared/gatt-server.c:1693:6: error: no previous declaration for ‘notify_append_le16’ [-Werror=missing-declarations]
 1693 | bool notify_append_le16(struct nfy_mult_data *data, uint16_t value)
      |      ^~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[1]: *** [Makefile:6955: src/shared/gatt-server.lo] Error 1
make: *** [Makefile:4134: all] Error 2




---
Regards,
Linux Bluetooth



* RE: [BlueZ] gatt-server: Flush notify multiple buffer when full and fix overflow
  2021-06-13 10:39 [PATCH BlueZ] " Sebastian Urban
@ 2021-06-13 11:04 ` bluez.test.bot
  2021-06-14 21:06   ` Luiz Augusto von Dentz
  0 siblings, 1 reply; 6+ messages in thread
From: bluez.test.bot @ 2021-06-13 11:04 UTC (permalink / raw)
  To: linux-bluetooth, surban


This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=499527

---Test result---

Test Summary:
CheckPatch                    PASS      0.64 seconds
GitLint                       PASS      0.15 seconds
Prep - Setup ELL              PASS      51.54 seconds
Build - Prep                  PASS      0.15 seconds
Build - Configure             PASS      9.04 seconds
Build - Make                  PASS      228.99 seconds
Make Check                    PASS      9.32 seconds
Make Distcheck                PASS      267.21 seconds
Build w/ext ELL - Configure   PASS      9.24 seconds
Build w/ext ELL - Make        PASS      213.85 seconds

Details
##############################
Test: CheckPatch - PASS
Desc: Run checkpatch.pl script with rule in .checkpatch.conf

##############################
Test: GitLint - PASS
Desc: Run gitlint with rule in .gitlint

##############################
Test: Prep - Setup ELL - PASS
Desc: Clone, build, and install ELL

##############################
Test: Build - Prep - PASS
Desc: Prepare environment for build

##############################
Test: Build - Configure - PASS
Desc: Configure the BlueZ source tree

##############################
Test: Build - Make - PASS
Desc: Build the BlueZ source tree

##############################
Test: Make Check - PASS
Desc: Run 'make check'

##############################
Test: Make Distcheck - PASS
Desc: Run distcheck to check the distribution

##############################
Test: Build w/ext ELL - Configure - PASS
Desc: Configure BlueZ source with '--enable-external-ell' configuration

##############################
Test: Build w/ext ELL - Make - PASS
Desc: Build BlueZ source with '--enable-external-ell' configuration



---
Regards,
Linux Bluetooth



* Re: [BlueZ] gatt-server: Flush notify multiple buffer when full and fix overflow
  2021-06-13 11:04 ` [BlueZ] " bluez.test.bot
@ 2021-06-14 21:06   ` Luiz Augusto von Dentz
  0 siblings, 0 replies; 6+ messages in thread
From: Luiz Augusto von Dentz @ 2021-06-14 21:06 UTC (permalink / raw)
  To: linux-bluetooth@vger.kernel.org; +Cc: Sebastian Urban

Hi Sebastian,

On Sun, Jun 13, 2021 at 4:06 AM <bluez.test.bot@gmail.com> wrote:
>
> This is automated email and please do not reply to this email!
>
> Dear submitter,
>
> Thank you for submitting the patches to the linux bluetooth mailing list.
> This is a CI test results with your patch series:
> PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=499527
>
> ---Test result---
>
> Test Summary:
> CheckPatch                    PASS      0.64 seconds
> GitLint                       PASS      0.15 seconds
> Prep - Setup ELL              PASS      51.54 seconds
> Build - Prep                  PASS      0.15 seconds
> Build - Configure             PASS      9.04 seconds
> Build - Make                  PASS      228.99 seconds
> Make Check                    PASS      9.32 seconds
> Make Distcheck                PASS      267.21 seconds
> Build w/ext ELL - Configure   PASS      9.24 seconds
> Build w/ext ELL - Make        PASS      213.85 seconds
>
> Details
> ##############################
> Test: CheckPatch - PASS
> Desc: Run checkpatch.pl script with rule in .checkpatch.conf
>
> ##############################
> Test: GitLint - PASS
> Desc: Run gitlint with rule in .gitlint
>
> ##############################
> Test: Prep - Setup ELL - PASS
> Desc: Clone, build, and install ELL
>
> ##############################
> Test: Build - Prep - PASS
> Desc: Prepare environment for build
>
> ##############################
> Test: Build - Configure - PASS
> Desc: Configure the BlueZ source tree
>
> ##############################
> Test: Build - Make - PASS
> Desc: Build the BlueZ source tree
>
> ##############################
> Test: Make Check - PASS
> Desc: Run 'make check'
>
> ##############################
> Test: Make Distcheck - PASS
> Desc: Run distcheck to check the distribution
>
> ##############################
> Test: Build w/ext ELL - Configure - PASS
> Desc: Configure BlueZ source with '--enable-external-ell' configuration
>
> ##############################
> Test: Build w/ext ELL - Make - PASS
> Desc: Build BlueZ source with '--enable-external-ell' configuration
>
>
>
> ---
> Regards,
> Linux Bluetooth

Applied, thanks.

-- 
Luiz Augusto von Dentz
