* [PATCH BlueZ] shared/log: Fix not checking vasprintf return
From: Luiz Augusto von Dentz @ 2023-09-18 21:22 UTC
To: linux-bluetooth
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
It seems like some implementations of vasprintf set the content of the
str to NULL rather than returning -1, causing the following errors:
=================================================================
==216204==ERROR: AddressSanitizer: attempting free on address which
was not malloc()-ed: 0x55e787722cf0 in thread T0
#0 0x55e784f75872 in __interceptor_free.part.0 asan_malloc_linux.cpp.o
#1 0x55e7850e55f9 in bt_log_vprintf
/usr/src/debug/bluez-git/bluez-git/src/shared/log.c:154:2
#2 0x55e78502db18 in monitor_log
/usr/src/debug/bluez-git/bluez-git/src/log.c:40:2
#3 0x55e78502dab4 in info
/usr/src/debug/bluez-git/bluez-git/src/log.c:52:2
#4 0x55e78502e314 in __btd_log_init
/usr/src/debug/bluez-git/bluez-git/src/log.c:179:2
#5 0x55e78502aa63 in main
/usr/src/debug/bluez-git/bluez-git/src/main.c:1388:2
#6 0x7f1d5fe27ccf (/usr/lib/libc.so.6+0x27ccf) (BuildId:
316d0d3666387f0e8fb98773f51aa1801027c5ab)
#7 0x7f1d5fe27d89 in __libc_start_main
(/usr/lib/libc.so.6+0x27d89) (BuildId:
316d0d3666387f0e8fb98773f51aa1801027c5ab)
#8 0x55e784e88084 in _start
(/usr/lib/bluetooth/bluetoothd+0x36084) (BuildId:
19348ea642303b701c033d773055becb623fe79a)
Address 0x55e787722cf0 is a wild pointer inside of access range of
size 0x000000000001.
SUMMARY: AddressSanitizer: bad-free asan_malloc_linux.cpp.o in
__interceptor_free.part.0
==216204==ABORTING
сен 18 13:10:02 archlinux systemd[1]: bluetooth.service: Main process
exited, code=exited, status=1/FAILURE
---
src/shared/log.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/log.c b/src/shared/log.c
index 3f18e803d8e9..22b9850f6f11 100644
--- a/src/shared/log.c
+++ b/src/shared/log.c
@@ -135,7 +135,7 @@ int bt_log_vprintf(uint16_t index, const char *label, int level,
int len;
len = vasprintf(&str, format, ap);
- if (len < 0)
+ if (len < 0 || !str)
return errno;
len = strlen(str);
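Review bot: the new `len < 0 || !str` branch still ends in `return errno;`, but when vasprintf reports success (len >= 0) and only leaves str NULL, nothing guarantees that errno was set, so this path can return 0 or a stale value and the caller cannot tell the message was dropped. A fixed code for the `!str` case, for example ENOMEM, would make the failure visible. Separately, the ASan report in the commit message is a bad free of the non-NULL address 0x55e787722cf0, and free(NULL) is a no-op, so a NULL test alone does not obviously account for that trace; a sentence in the commit log naming the vasprintf implementation that behaves this way would help future readers.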
--
2.41.0
* RE: [BlueZ] shared/log: Fix not checking vasprintf return
From: bluez.test.bot @ 2023-09-18 22:38 UTC
To: linux-bluetooth, luiz.dentz
This is automated email and please do not reply to this email!
Dear submitter,
Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=785362
---Test result---
Test Summary:
CheckPatch FAIL 0.74 seconds
GitLint PASS 0.37 seconds
BuildEll PASS 28.85 seconds
BluezMake PASS 893.48 seconds
MakeCheck PASS 12.88 seconds
MakeDistcheck PASS 161.29 seconds
CheckValgrind PASS 262.51 seconds
CheckSmatch PASS 355.74 seconds
bluezmakeextell PASS 108.95 seconds
IncrementalBuild PASS 729.31 seconds
ScanBuild PASS 1087.86 seconds
Details
##############################
Test: CheckPatch - FAIL
Desc: Run checkpatch.pl script
Output:
[BlueZ] shared/log: Fix not checking vasprintf return
WARNING:COMMIT_LOG_LONG_LINE: Possible unwrapped commit description (prefer a maximum 75 chars per line)
#88:
#0 0x55e784f75872 in __interceptor_free.part.0 asan_malloc_linux.cpp.o
/github/workspace/src/src/13390493.patch total: 0 errors, 1 warnings, 8 lines checked
NOTE: For some of the reported defects, checkpatch may be able to
mechanically convert to the typical style using --fix or --fix-inplace.
/github/workspace/src/src/13390493.patch has style problems, please review.
NOTE: Ignored message types: COMMIT_MESSAGE COMPLEX_MACRO CONST_STRUCT FILE_PATH_CHANGES MISSING_SIGN_OFF PREFER_PACKED SPDX_LICENSE_TAG SPLIT_STRING SSCANF_TO_KSTRTO
NOTE: If any of the errors are false positives, please report
them to the maintainer, see CHECKPATCH in MAINTAINERS.
---
Regards,
Linux Bluetooth
* Re: [PATCH BlueZ] shared/log: Fix not checking vasprintf return
From: patchwork-bot+bluetooth @ 2023-09-19 19:20 UTC
To: Luiz Augusto von Dentz; +Cc: linux-bluetooth
Hello:
This patch was applied to bluetooth/bluez.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@intel.com>:
On Mon, 18 Sep 2023 14:22:19 -0700 you wrote:
> From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
>
> It seems like some implementations of vasprintf set the content of the
> str to NULL rather than returning -1, causing the following errors:
>
> =================================================================
> ==216204==ERROR: AddressSanitizer: attempting free on address which
> was not malloc()-ed: 0x55e787722cf0 in thread T0
> #0 0x55e784f75872 in __interceptor_free.part.0 asan_malloc_linux.cpp.o
> #1 0x55e7850e55f9 in bt_log_vprintf
> /usr/src/debug/bluez-git/bluez-git/src/shared/log.c:154:2
> #2 0x55e78502db18 in monitor_log
> /usr/src/debug/bluez-git/bluez-git/src/log.c:40:2
> #3 0x55e78502dab4 in info
> /usr/src/debug/bluez-git/bluez-git/src/log.c:52:2
> #4 0x55e78502e314 in __btd_log_init
> /usr/src/debug/bluez-git/bluez-git/src/log.c:179:2
> #5 0x55e78502aa63 in main
> /usr/src/debug/bluez-git/bluez-git/src/main.c:1388:2
> #6 0x7f1d5fe27ccf (/usr/lib/libc.so.6+0x27ccf) (BuildId:
> 316d0d3666387f0e8fb98773f51aa1801027c5ab)
> #7 0x7f1d5fe27d89 in __libc_start_main
> (/usr/lib/libc.so.6+0x27d89) (BuildId:
> 316d0d3666387f0e8fb98773f51aa1801027c5ab)
> #8 0x55e784e88084 in _start
> (/usr/lib/bluetooth/bluetoothd+0x36084) (BuildId:
> 19348ea642303b701c033d773055becb623fe79a)
> Address 0x55e787722cf0 is a wild pointer inside of access range of
> size 0x000000000001.
> SUMMARY: AddressSanitizer: bad-free asan_malloc_linux.cpp.o in
> __interceptor_free.part.0
> ==216204==ABORTING
> сен 18 13:10:02 archlinux systemd[1]: bluetooth.service: Main process
> exited, code=exited, status=1/FAILURE
>
> [...]
Here is the summary with links:
- [BlueZ] shared/log: Fix not checking vasprintf return
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=6169001a2b57
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html