public inbox for linux-bluetooth@vger.kernel.org
From: Luiz Augusto von Dentz <luiz.dentz@gmail.com>
To: linux-bluetooth@vger.kernel.org
Subject: [PATCH BlueZ v1 2/4] monitor: Fix crash parsing notification
Date: Wed, 31 Jul 2024 14:57:16 +0100
Message-ID: <20240731135718.429604-2-luiz.dentz@gmail.com>
In-Reply-To: <20240731135718.429604-1-luiz.dentz@gmail.com>

From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

This fixes the following crash caused by notify callback being NULL:

Jump to the invalid address stated on the next line
   at 0x0: ???
   by 0x1E8375: print_notify (att.c:5420)
   by 0x1E9464: att_multiple_vl_rsp (att.c:5463)
   by 0x20D39E: att_packet (att.c:5637)
   by 0x1B2054: l2cap_frame (l2cap.c:2567)
   by 0x1B4A4D: l2cap_packet (l2cap.c:2708)
   by 0x19AD43: packet_hci_acldata (packet.c:12522)
   by 0x19CF07: packet_monitor (packet.c:4249)
   by 0x152405: data_callback (control.c:973)
   by 0x2204F6: mainloop_run (mainloop.c:106)
   by 0x221017: mainloop_run_with_signal (mainloop-notify.c:189)
   by 0x14F387: main (main.c:298)
 Address 0x0 is not stack'd, malloc'd or (recently) free'd
---
 monitor/att.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/monitor/att.c b/monitor/att.c
index a23347ef7..73a616584 100644
--- a/monitor/att.c
+++ b/monitor/att.c
@@ -4646,7 +4646,8 @@ static void print_notify(const struct l2cap_frame *frame, uint16_t handle,
 		frame = &clone;
 	}
 
-	handler->notify(frame);
+	if (handler->notify)
+		handler->notify(frame);
 }
 
 static void att_handle_value_notify(const struct l2cap_frame *frame)
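Review bot: with the new `if (handler->notify)` guard at the end of print_notify(), a handler without a notify callback now returns without anything in the visible lines printing the value, so the monitor may show nothing for that notification. Consider an else branch that dumps the remaining frame data as raw hex so the payload stays visible in the trace. The commit message could also say which attribute handlers are registered without a notify callback, since the backtrace only shows the path through att_multiple_vl_rsp(), and the hunk context does not show whether `handler` itself is checked for NULL before this dereference.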
-- 
2.45.0

