* [PATCH 2/2] input: Fix crash when SDP record isn't available @ 2013-12-07 14:53 Bastien Nocera 2013-12-07 17:52 ` Johan Hedberg 0 siblings, 1 reply; 4+ messages in thread From: Bastien Nocera @ 2013-12-07 14:53 UTC (permalink / raw) To: linux-bluetooth On startup, if the SDP cache has been removed but the pairing information is still present, we'd crash trying to access inside a NULL record struct. --- profiles/input/device.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/profiles/input/device.c b/profiles/input/device.c index 521aca8..62f6dbb 100644 --- a/profiles/input/device.c +++ b/profiles/input/device.c @@ -811,6 +811,9 @@ static struct input_device *input_device_new(struct btd_service *service) struct input_device *idev; char name[HCI_MAX_NAME_LENGTH + 1]; + if (!rec) + return NULL; + idev = g_new0(struct input_device, 1); bacpy(&idev->src, btd_adapter_get_address(adapter)); bacpy(&idev->dst, device_get_address(device)); -- 1.8.4.2 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 2/2] input: Fix crash when SDP record isn't available 2013-12-07 14:53 [PATCH 2/2] input: Fix crash when SDP record isn't available Bastien Nocera @ 2013-12-07 17:52 ` Johan Hedberg 2013-12-07 21:45 ` Bastien Nocera 0 siblings, 1 reply; 4+ messages in thread From: Johan Hedberg @ 2013-12-07 17:52 UTC (permalink / raw) To: Bastien Nocera; +Cc: linux-bluetooth Hi Bastien, On Sat, Dec 07, 2013, Bastien Nocera wrote: > On startup, if the SDP cache has been removed but the pairing > information is still present, we'd crash trying to access inside a > NULL record struct. > --- > profiles/input/device.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/profiles/input/device.c b/profiles/input/device.c > index 521aca8..62f6dbb 100644 > --- a/profiles/input/device.c > +++ b/profiles/input/device.c > @@ -811,6 +811,9 @@ static struct input_device *input_device_new(struct btd_service *service) > struct input_device *idev; > char name[HCI_MAX_NAME_LENGTH + 1]; > > + if (!rec) > + return NULL; > + > idev = g_new0(struct input_device, 1); > bacpy(&idev->src, btd_adapter_get_address(adapter)); > bacpy(&idev->dst, device_get_address(device)); I've applied your first patch, but I'd like to understand a bit better how you'd end up in this situation. Is this accomplishable through BlueZ APIs or only if one goes and messes with the storage directly? Either way, is this the best approach or should we consider still creating the input device but just ignore the bits that depend on the SDP record? Johan ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 2/2] input: Fix crash when SDP record isn't available 2013-12-07 17:52 ` Johan Hedberg @ 2013-12-07 21:45 ` Bastien Nocera 2013-12-10 9:08 ` Johan Hedberg 0 siblings, 1 reply; 4+ messages in thread From: Bastien Nocera @ 2013-12-07 21:45 UTC (permalink / raw) To: Johan Hedberg; +Cc: linux-bluetooth On Sat, 2013-12-07 at 21:52 +0400, Johan Hedberg wrote: > Hi Bastien, > > On Sat, Dec 07, 2013, Bastien Nocera wrote: > > On startup, if the SDP cache has been removed but the pairing > > information is still present, we'd crash trying to access inside a > > NULL record struct. > > --- > > profiles/input/device.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/profiles/input/device.c b/profiles/input/device.c > > index 521aca8..62f6dbb 100644 > > --- a/profiles/input/device.c > > +++ b/profiles/input/device.c > > @@ -811,6 +811,9 @@ static struct input_device *input_device_new(struct btd_service *service) > > struct input_device *idev; > > char name[HCI_MAX_NAME_LENGTH + 1]; > > > > + if (!rec) > > + return NULL; > > + > > idev = g_new0(struct input_device, 1); > > bacpy(&idev->src, btd_adapter_get_address(adapter)); > > bacpy(&idev->dst, device_get_address(device)); > > I've applied your first patch, but I'd like to understand a bit better > how you'd end up in this situation. Is this accomplishable through BlueZ > APIs or only if one goes and messes with the storage directly? Either > way, is this the best approach or should we consider still creating the > input device but just ignore the bits that depend on the SDP record? I rm'ed the file in the cache/ directory. I'm not too fussed about what the end result actually is, it just shouldn't crash. The same patch with a warning that you shouldn't fiddle with the cache directory would be fine as well ;) ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 2/2] input: Fix crash when SDP record isn't available 2013-12-07 21:45 ` Bastien Nocera @ 2013-12-10 9:08 ` Johan Hedberg 0 siblings, 0 replies; 4+ messages in thread From: Johan Hedberg @ 2013-12-10 9:08 UTC (permalink / raw) To: Bastien Nocera; +Cc: linux-bluetooth Hi Bastien, On Sat, Dec 07, 2013, Bastien Nocera wrote: > On Sat, 2013-12-07 at 21:52 +0400, Johan Hedberg wrote: > > Hi Bastien, > > > > On Sat, Dec 07, 2013, Bastien Nocera wrote: > > > On startup, if the SDP cache has been removed but the pairing > > > information is still present, we'd crash trying to access inside a > > > NULL record struct. > > > --- > > > profiles/input/device.c | 3 +++ > > > 1 file changed, 3 insertions(+) > > > > > > diff --git a/profiles/input/device.c b/profiles/input/device.c > > > index 521aca8..62f6dbb 100644 > > > --- a/profiles/input/device.c > > > +++ b/profiles/input/device.c > > > @@ -811,6 +811,9 @@ static struct input_device *input_device_new(struct btd_service *service) > > > struct input_device *idev; > > > char name[HCI_MAX_NAME_LENGTH + 1]; > > > > > > + if (!rec) > > > + return NULL; > > > + > > > idev = g_new0(struct input_device, 1); > > > bacpy(&idev->src, btd_adapter_get_address(adapter)); > > > bacpy(&idev->dst, device_get_address(device)); > > > > I've applied your first patch, but I'd like to understand a bit better > > how you'd end up in this situation. Is this accomplishable through BlueZ > > APIs or only if one goes and messes with the storage directly? Either > > way, is this the best approach or should we consider still creating the > > input device but just ignore the bits that depend on the SDP record? > > I rm'ed the file in the cache/ directory. I'm not too fussed about what > the end result actually is, it just shouldn't crash. The same patch with > a warning that you shouldn't fiddle with the cache directory would be > fine as well ;) Fair enough. I've applied the patch now. Thanks. Johan ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2013-12-10 9:08 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2013-12-07 14:53 [PATCH 2/2] input: Fix crash when SDP record isn't available Bastien Nocera 2013-12-07 17:52 ` Johan Hedberg 2013-12-07 21:45 ` Bastien Nocera 2013-12-10 9:08 ` Johan Hedberg
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox