* [PATCH BlueZ 1/2] admin: Fix leaking uuids loads from storage
@ 2021-09-16 22:38 Luiz Augusto von Dentz
  2021-09-16 22:38 ` [PATCH BlueZ 2/2] admin: Fix double free Luiz Augusto von Dentz
  2021-09-16 22:56 ` [BlueZ,1/2] admin: Fix leaking uuids loads from storage bluez.test.bot
  0 siblings, 2 replies; 3+ messages in thread
From: Luiz Augusto von Dentz @ 2021-09-16 22:38 UTC (permalink / raw)
  To: linux-bluetooth

From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

This fixes the following trace:

8 bytes in 1 blocks are definitely lost in loss record 27 of 274
   at 0x4839809: malloc (vg_replace_malloc.c:307)
   by 0x495BBB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8)
   by 0x494C024: g_key_file_get_string_list (in /usr/lib64/libglib-2.0.so.0.6600.8)
   by 0x131ECD: key_file_load_service_allowlist (admin.c:294)
   by 0x131ECD: load_policy_settings (admin.c:346)
   by 0x131ECD: admin_policy_adapter_probe (admin.c:497)
   by 0x18F554: probe_driver (adapter.c:4858)
   by 0x19DF5A: load_drivers (adapter.c:4873)
   by 0x19DF5A: adapter_register (adapter.c:8975)
   by 0x19DF5A: read_info_complete (adapter.c:9791)
   by 0x1CE831: request_complete (mgmt.c:264)
   by 0x1CF7D4: can_read_data (mgmt.c:356)
   by 0x1DE634: watch_callback (io-glib.c:157)
   by 0x4953A9E: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.6600.8)
   by 0x49A5A97: ??? (in /usr/lib64/libglib-2.0.so.0.6600.8)
   by 0x4953162: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.6600.8)
---
 plugins/admin.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/plugins/admin.c b/plugins/admin.c
index 8390f3c32..c232c057c 100644
--- a/plugins/admin.c
+++ b/plugins/admin.c
@@ -12,6 +12,7 @@
 #include <config.h>
 #endif
 
+#include <stdlib.h>
 #include <dbus/dbus.h>
 #include <gdbus/gdbus.h>
 #include <sys/file.h>
@@ -74,7 +75,7 @@ static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter)
 
 static void free_service_allowlist(struct queue *q)
 {
-	queue_destroy(q, g_free);
+	queue_destroy(q, free);
 }
 
 static void admin_policy_free(void *data)
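Review bot: the switch from g_free to free in free_service_allowlist() is not explained in the commit message, which only covers the string list leaked from g_key_file_get_string_list. The destructor has to match whatever allocates the elements pushed with queue_push_tail(uuid_list, uuid), and that allocation is outside the visible hunks. Please state in the message which allocator the entries come from, and check that no other path still releases them with g_free.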
@@ -307,7 +308,7 @@ static void key_file_load_service_allowlist(GKeyFile *key_file,
 		if (!uuid)
 			goto failed;
 
-		if (bt_string_to_uuid(uuid, *uuids)) {
+		if (bt_string_to_uuid(uuid, uuids[i])) {
 
 			btd_error(admin_policy->adapter_id,
 					"Failed to convert '%s' to uuid struct",
@@ -318,14 +319,16 @@ static void key_file_load_service_allowlist(GKeyFile *key_file,
 		}
 
 		queue_push_tail(uuid_list, uuid);
-		uuids++;
 	}
 
 	if (!service_allowlist_set(admin_policy, uuid_list))
 		goto failed;
 
+	g_strfreev(uuids);
+
 	return;
 failed:
+	g_strfreev(uuids);
 	free_service_allowlist(uuid_list);
 }
 
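Review bot: g_strfreev(uuids) under failed: is now reached from every goto failed, including the `if (!uuid)` jump inside the loop, so uuids must be either NULL or a valid list at each of those jumps. Its declaration and assignment are not visible in these hunks; if any goto failed can run before uuids is assigned, initialise it to NULL at the declaration.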
-- 
2.31.1



* [PATCH BlueZ 2/2] admin: Fix double free
  2021-09-16 22:38 [PATCH BlueZ 1/2] admin: Fix leaking uuids loads from storage Luiz Augusto von Dentz
@ 2021-09-16 22:38 ` Luiz Augusto von Dentz
  2021-09-16 22:56 ` [BlueZ,1/2] admin: Fix leaking uuids loads from storage bluez.test.bot
  1 sibling, 0 replies; 3+ messages in thread
From: Luiz Augusto von Dentz @ 2021-09-16 22:38 UTC (permalink / raw)
  To: linux-bluetooth

From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

Fixes the following double free, which happens due to exit calling
btd_unregister_adapter_driver:

Invalid read of size 8
   at 0x1CDA97: queue_foreach (queue.c:198)
   by 0x1318B8: admin_policy_remove (admin.c:591)
   by 0x18982A: plugin_cleanup (plugin.c:217)
   by 0x12E3FD: main (main.c:1214)
 Address 0x547ffb8 is 8 bytes inside a block of size 32 free'd
   at 0x483A9F5: free (vg_replace_malloc.c:538)
   by 0x1318CB: admin_policy_remove (admin.c:592)
   by 0x18F416: unload_driver (adapter.c:7215)
   by 0x496F50F: g_slist_foreach (in /usr/lib64/libglib-2.0.so.0.6600.8)
   by 0x131988: admin_exit (admin.c:623)
   by 0x18982A: plugin_cleanup (plugin.c:217)
   by 0x12E3FD: main (main.c:1214)
 Block was alloc'd at
   at 0x4839809: malloc (vg_replace_malloc.c:307)
   by 0x1CDE1E: btd_malloc (util.c:33)
   by 0x1CD83D: queue_new (queue.c:47)
   by 0x13150D: admin_init (admin.c:614)
   by 0x18966B: plugin_init (plugin.c:187)
   by 0x12E358: main (main.c:1198)
---
 plugins/admin.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/admin.c b/plugins/admin.c
index c232c057c..7b7190a06 100644
--- a/plugins/admin.c
+++ b/plugins/admin.c
@@ -590,6 +590,7 @@ static void admin_policy_remove(struct btd_adapter *adapter)
 
 	queue_foreach(devices, unregister_device_data, NULL);
 	queue_destroy(devices, g_free);
+	devices = NULL;
 
 	if (policy_data) {
 		admin_policy_destroy(policy_data);
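Review bot: setting devices = NULL in admin_policy_remove() leaves the plugin without a queue once the first adapter has been removed. The trace shows the queue is created once in admin_init (queue_new at admin.c:614), while admin_policy_remove runs per adapter from unload_driver, so any code that later pushes to or iterates devices has to cope with NULL. Consider destroying the queue in admin_exit instead, or document that queue_foreach and queue_destroy are expected to accept a NULL queue here.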
@@ -621,7 +622,6 @@ static void admin_exit(void)
 	DBG("");
 
 	btd_unregister_adapter_driver(&admin_policy_driver);
-	admin_policy_remove(NULL);
 }
 
 BLUETOOTH_PLUGIN_DEFINE(admin, VERSION,
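Review bot: with admin_policy_remove(NULL) dropped, nothing in admin_exit() releases devices any more. The trace shows it allocated in admin_init, so if btd_unregister_adapter_driver() does not invoke the remove callback (for example when no adapter was ever probed), the queue is leaked at exit. Either free devices here when it is still non-NULL, or say in the commit message why this removal is needed in addition to the devices = NULL assignment in the previous hunk.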
-- 
2.31.1



* RE: [BlueZ,1/2] admin: Fix leaking uuids loads from storage
  2021-09-16 22:38 [PATCH BlueZ 1/2] admin: Fix leaking uuids loads from storage Luiz Augusto von Dentz
  2021-09-16 22:38 ` [PATCH BlueZ 2/2] admin: Fix double free Luiz Augusto von Dentz
@ 2021-09-16 22:56 ` bluez.test.bot
  1 sibling, 0 replies; 3+ messages in thread
From: bluez.test.bot @ 2021-09-16 22:56 UTC (permalink / raw)
  To: linux-bluetooth, luiz.dentz


This is an automated email; please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
These are the CI test results for your patch series:
PW Link: https://patchwork.kernel.org/project/bluetooth/list/?series=548487

---Test result---

Test Summary:
CheckPatch                    FAIL      2.78 seconds
GitLint                       FAIL      1.90 seconds
Prep - Setup ELL              PASS      49.13 seconds
Build - Prep                  PASS      0.47 seconds
Build - Configure             PASS      8.99 seconds
Build - Make                  PASS      211.41 seconds
Make Check                    PASS      9.40 seconds
Make Distcheck                PASS      251.47 seconds
Build w/ext ELL - Configure   PASS      9.15 seconds
Build w/ext ELL - Make        PASS      199.07 seconds

Details
##############################
Test: CheckPatch - FAIL
Desc: Run checkpatch.pl script with rule in .checkpatch.conf
Output:
[BlueZ,1/2] admin: Fix leaking uuids loads from storage
WARNING:COMMIT_LOG_LONG_LINE: Possible unwrapped commit description (prefer a maximum 75 chars per line)
#93: 
   by 0x494C024: g_key_file_get_string_list (in /usr/lib64/libglib-2.0.so.0.6600.8)

/github/workspace/src/12500439.patch total: 0 errors, 1 warnings, 40 lines checked

NOTE: For some of the reported defects, checkpatch may be able to
      mechanically convert to the typical style using --fix or --fix-inplace.

/github/workspace/src/12500439.patch has style problems, please review.

NOTE: Ignored message types: COMMIT_MESSAGE COMPLEX_MACRO CONST_STRUCT FILE_PATH_CHANGES MISSING_SIGN_OFF PREFER_PACKED SPDX_LICENSE_TAG SPLIT_STRING SSCANF_TO_KSTRTO

NOTE: If any of the errors are false positives, please report
      them to the maintainer, see CHECKPATCH in MAINTAINERS.


##############################
Test: GitLint - FAIL
Desc: Run gitlint with rule in .gitlint
Output:
[BlueZ,1/2] admin: Fix leaking uuids loads from storage
8: B1 Line exceeds max length (83>80): "   by 0x494C024: g_key_file_get_string_list (in /usr/lib64/libglib-2.0.so.0.6600.8)"




---
Regards,
Linux Bluetooth

