From: Simon Horman <simon.horman@corigine.com>
To: Sungwoo Kim <iam@sung-woo.kim>
Cc: benquike@gmail.com, davem@davemloft.net, daveti@purdue.edu,
edumazet@google.com, happiness.sung.woo@gmail.com,
johan.hedberg@gmail.com, kuba@kernel.org,
linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org,
luiz.dentz@gmail.com, marcel@holtmann.org,
netdev@vger.kernel.org, pabeni@redhat.com, wuruoyu@me.com
Subject: Re: [PATCH] Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
Date: Sat, 27 May 2023 14:59:04 +0200
Message-ID: <ZHH+l73YeZd9iq52@corigine.com>
In-Reply-To: <20230526181647.3074391-1-iam@sung-woo.kim>

On Fri, May 26, 2023 at 02:16:48PM -0400, Sungwoo Kim wrote:
> > net/bluetooth/l2cap_sock.c: In function 'l2cap_sock_release':
> > >> net/bluetooth/l2cap_sock.c:1418:9: error: implicit declaration of function 'l2cap_sock_cleanup_listen'; did you mean 'l2cap_sock_listen'? [-Werror=implicit-function-declaration]
>
> Fix this error
>
> > 1418 | l2cap_sock_cleanup_listen(sk);
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~
> > | l2cap_sock_listen
> > net/bluetooth/l2cap_sock.c: At top level:
> > >> net/bluetooth/l2cap_sock.c:1436:13: warning: conflicting types for 'l2cap_sock_cleanup_listen'; have 'void(struct sock *)'
> > 1436 | static void l2cap_sock_cleanup_listen(struct sock *parent)
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~
> > >> net/bluetooth/l2cap_sock.c:1436:13: error: static declaration of 'l2cap_sock_cleanup_listen' follows non-static declaration
> > net/bluetooth/l2cap_sock.c:1418:9: note: previous implicit declaration of 'l2cap_sock_cleanup_listen' with type 'void(struct sock *)'
> > 1418 | l2cap_sock_cleanup_listen(sk);
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~
> > cc1: some warnings being treated as errors
>
> Signed-off-by: Sungwoo Kim <iam@sung-woo.kim>

Hi,

I am confused about why this error occurs.
In bluetooth-next [1] I see that l2cap_sock_cleanup_listen() is defined
on line 1435 of l2cap_sock.c. And then used on line 1574.
So there should be no need for a forward declaration.

[1] a088d769ef3a ("Bluetooth: L2CAP: Fix use-after-free")

> ---
> net/bluetooth/l2cap_sock.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
> index eebe25610..3818e11a8 100644
> --- a/net/bluetooth/l2cap_sock.c
> +++ b/net/bluetooth/l2cap_sock.c
> @@ -46,6 +46,7 @@ static const struct proto_ops l2cap_sock_ops;
> static void l2cap_sock_init(struct sock *sk, struct sock *parent);
> static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock,
> int proto, gfp_t prio, int kern);
> +static void l2cap_sock_cleanup_listen(struct sock *parent);
>
> bool l2cap_is_socket(struct socket *sock)
> {
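
Review bot: The prototype added for l2cap_sock_cleanup_listen(), next to the existing l2cap_sock_init() and l2cap_sock_alloc() declarations, is only needed because the second hunk calls the function from l2cap_sock_release() at line 1418, ahead of its definition at line 1436 (per the quoted build log), and the commit message never says so. Please replace "Fix this error" and the pasted compiler output with a description of the use-after-free being fixed and of why the call belongs in l2cap_sock_release(). If this is a fixup for an earlier posting, fold it into that patch and send it as a new version.
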
> @@ -1414,7 +1415,8 @@ static int l2cap_sock_release(struct socket *sock)
>
> if (!sk)
> return 0;
> -
> +
nit: The white-space on the line above was correct (no white-space)
Now there are trailing tabs.
> + l2cap_sock_cleanup_listen(sk);
This change may match the patch subject
but seems unrelated to the patch description.
> bt_sock_unlink(&l2cap_sk_list, sk);
>
> err = l2cap_sock_shutdown(sock, SHUT_RDWR);
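
Review bot: The new l2cap_sock_cleanup_listen(sk) call in l2cap_sock_release() runs unconditionally, before bt_sock_unlink() and l2cap_sock_shutdown(), although the function's parameter is named parent, which suggests it is meant for listening sockets. The commit message should explain why cleaning up at this point closes the use-after-free in l2cap_sock_ready_cb named in the subject, and confirm that the call is harmless for a socket that never listened; otherwise guard it with a check on the socket state. Including the sanitizer report or a reproducer for the use-after-free would let reviewers verify the fix.
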
> --
> 2.34.1
>
>