* [Bluez-devel] [Patch] Samsung D600 (sdp, service discovery deadlocks)
@ 2005-11-22 20:39 Victor Shchebatyuk
2005-11-24 4:22 ` Marcel Holtmann
0 siblings, 1 reply; 2+ messages in thread
From: Victor Shchebatyuk @ 2005-11-22 20:39 UTC (permalink / raw)
To: BlueZ Mailing List
[-- Attachment #1: Type: text/plain, Size: 719 bytes --]
Hi Marcel,
We experienced some deadlock in the bluez library for Samsund-D600 phone
during service discovery. This is due to incorrect SDP record set
returned on service inquiry request. The response from the SDP server
contains service records + some rubbish at the end. So when it tries to
parse it, sdp_extract_pdu() returns 0 recsize and locks the while()
loop.
Samsung is informed, but I do not know if they will come up with
something (have no idea who provides the stack for them, they have a
Broadcom chip in there)
The patch is attached.
Regards,
Victor.
P.S. I do not have the phone with me now, otherwise I would send in
hcidump output. It reports errors when trying to parse at the end of
response.
[-- Attachment #2: sdp-samsungd600.patch --]
[-- Type: text/x-patch, Size: 444 bytes --]
Index: src/sdp.c
===================================================================
RCS file: /cvsroot/bluez/libs/src/sdp.c,v
retrieving revision 1.30
diff -u -r1.30 sdp.c
--- src/sdp.c 29 Oct 2005 19:25:43 -0000 1.30
+++ src/sdp.c 22 Nov 2005 20:24:12 -0000
@@ -3115,6 +3115,10 @@
status = -1;
goto end;
}
+ if (!recsize) {
+ sdp_record_free(rec);
+ break;
+ }
scanned += recsize;
pdata += recsize;
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: [Bluez-devel] [Patch] Samsung D600 (sdp, service discovery deadlocks)
2005-11-22 20:39 [Bluez-devel] [Patch] Samsung D600 (sdp, service discovery deadlocks) Victor Shchebatyuk
@ 2005-11-24 4:22 ` Marcel Holtmann
0 siblings, 0 replies; 2+ messages in thread
From: Marcel Holtmann @ 2005-11-24 4:22 UTC (permalink / raw)
To: bluez-devel
Hi Victor,
> We experienced some deadlock in the bluez library for Samsund-D600 phone
> during service discovery. This is due to incorrect SDP record set
> returned on service inquiry request. The response from the SDP server
> contains service records + some rubbish at the end. So when it tries to
> parse it, sdp_extract_pdu() returns 0 recsize and locks the while()
> loop.
the patch is in the CVS now. Thanks.
> Samsung is informed, but I do not know if they will come up with
> something (have no idea who provides the stack for them, they have a
> Broadcom chip in there)
Don't expect anything.
> P.S. I do not have the phone with me now, otherwise I would send in
> hcidump output. It reports errors when trying to parse at the end of
> response.
I like to have these phones at home for further testing, but getting all
the bad phones is quite an expensive hobby. The donations are not enough
to buy them.
Regards
Marcel
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Bluez-devel mailing list
Bluez-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bluez-devel
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-11-24 4:22 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-11-22 20:39 [Bluez-devel] [Patch] Samsung D600 (sdp, service discovery deadlocks) Victor Shchebatyuk
2005-11-24 4:22 ` Marcel Holtmann
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).