From: Johan Hedberg <johan.hedberg@gmail.com>
To: Ilya Basin <basinilya@gmail.com>
Cc: linux-bluetooth@vger.kernel.org
Subject: Re: Re[2]: 4.76 possible regression: bluetoothd segfaults when launching bluetooth programs
Date: Tue, 26 Oct 2010 10:19:13 -0400
Message-ID: <20101026141913.GA11973@jh-x301>
In-Reply-To: <1602793498.20101026170445@gmail.com>
Hi Ilya,
On Tue, Oct 26, 2010, Ilya Basin wrote:
> JH> have all debug symbols enabled. Could you try to reproduce this with
> JH> latest bluez git. You don't need to install anything but just compile
>
> segfaults start after this commit:
> [d5e700051b1263b2028331d41d60de02a5a6f90e] Fix append_variant_array()
> to take a number of elements
>
> Not every BT program kills bluetoothd, but Smartcam does.
> http://sourceforge.net/projects/smartcam/
> [il@IL bluez]$ smartcam
> smartcam: registered DBUS service "org.gnome.smartcam"
> Found smartcam device file: /dev/video0
> smartcam: started comm thread
> smartcam: port = 1
> sdp_record_register: Protocol error
Thanks for the info. This program seems to add a somehow malformed
service record which is the cause of the crash. Before the patch you
pointed out, a NULL pointer was used to detect the end of a pointer array
and so bt_uuid2string() returning NULL for this service record didn't
cause any bad behavior (since the code just stopped iterating a pointer
array after this). However, after the patch the code uses an explicit
integer value for the list length and would try to dereference the NULL
pointer in the middle of the list.
I've now pushed a patch to git which should fix this:
http://git.kernel.org/?p=bluetooth/bluez.git;a=commitdiff;h=e31d21c7f238352893a365ab50642707c44087cd
Please do a git pull and see if it really fixes the issue for you.
Thanks.
Johan
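
The failure mode described in the message above, as an added example that is not BlueZ code and not the change in the linked commit: a converter that can return NULL, a sentinel-terminated walk that hides the failure, and a counted walk that is only safe once the producer filters NULL results. All names (`to_str`, `walk_sentinel`, `total_len`, `build_list`) and the sample data are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* Constructed sample: three raw entries, the middle one malformed. */
static const char *raw_uuids[] = { "1101", "", "1105" };
#define N_RAW (sizeof(raw_uuids) / sizeof(raw_uuids[0]))

/* Hypothetical converter: returns NULL for an entry it cannot render. */
static const char *to_str(const char *raw) { return raw[0] ? raw : NULL; }

/* Sentinel consumer: stops at the first NULL, so a failed conversion
 * silently truncates the list instead of crashing. */
static size_t walk_sentinel(const char **v)
{
    size_t n = 0;
    while (v[n] != NULL)
        n++;
    return n;
}

/* Counted consumer: trusts n and dereferences every slot in [0, n).
 * A NULL inside that range is a NULL pointer dereference. */
static size_t total_len(const char **v, size_t n)
{
    size_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += strlen(v[i]);
    return total;
}

/* Hardened producer: store only successful conversions, so the count
 * returned never covers a NULL slot. out needs n_raw + 1 slots. */
static size_t build_list(const char **raw, size_t n_raw, const char **out)
{
    size_t n = 0;
    for (size_t i = 0; i < n_raw; i++) {
        const char *s = to_str(raw[i]);
        if (s != NULL)
            out[n++] = s;
    }
    out[n] = NULL; /* keep a terminator for sentinel-style callers */
    return n;
}

int main(void)
{
    const char *naive[N_RAW + 1] = { 0 }, *safe[N_RAW + 1];
    for (size_t i = 0; i < N_RAW; i++)
        naive[i] = to_str(raw_uuids[i]);   /* slot 1 becomes NULL */
    size_t n = build_list(raw_uuids, N_RAW, safe);
    printf("sentinel sees %zu, filtered %zu, total length %zu\n",
           walk_sentinel(naive), n, total_len(safe, n));
    return 0;
}
```

Passing the unfiltered array to `total_len` with a count of 3 would dereference the NULL in slot 1, which is why the example only hands it the filtered list.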