[bluez/bluez] 5c3408: shared/shell: Fix crash on bluetoothctl command co...

public inbox for linux-bluetooth@vger.kernel.org
 help / color / mirror / Atom feed

* [bluez/bluez] 5c3408: shared/shell: Fix crash on bluetoothctl command co...
@ 2026-03-19 14:15 hadess
  0 siblings, 0 replies; only message in thread
From: hadess @ 2026-03-19 14:15 UTC (permalink / raw)
  To: linux-bluetooth

  Branch: refs/heads/1069297
  Home:   https://github.com/bluez/bluez
  Commit: 5c340857c7e14c9ed7c9bd020425de9eefa88843
      https://github.com/bluez/bluez/commit/5c340857c7e14c9ed7c9bd020425de9eefa88843
  Author: Bastien Nocera <hadess@hadess.net>
  Date:   2026-03-19 (Thu, 19 Mar 2026)

  Changed paths:
    M src/shared/shell.c

  Log Message:
  -----------
  shared/shell: Fix crash on bluetoothctl command completion

Don't try to complete empty commands, leading to invalid reads and
crashes.

==1430873== Invalid read of size 1
==1430873==    at 0x484BC77: strcmp (vg_replace_strmem.c:941)
==1430873==    by 0x435063: menu_completion (shell.c:1126)
==1430873==    by 0x4352F0: shell_completion (shell.c:1177)
==1430873==    by 0x4A2542B: gen_completion_matches (complete.c:1282)
==1430873==    by 0x4A2E9CD: rl_complete_internal (complete.c:2104)
==1430873==    by 0x4A257C2: _rl_dispatch_subseq (readline.c:944)
==1430873==    by 0x4A26ADF: readline_internal_char (readline.c:693)
==1430873==    by 0x4A46CE4: rl_callback_read_char (callback.c:275)
==1430873==    by 0x435E54: bt_shell_input_line (shell.c:309)
==1430873==    by 0x436A34: watch_callback (io-glib.c:173)
==1430873==    by 0x490A322: g_main_dispatch (gmain.c:3565)
==1430873==    by 0x490A322: g_main_context_dispatch_unlocked.lto_priv.0 (gmain.c:4425)
==1430873==    by 0x4913277: g_main_context_iterate_unlocked.isra.0 (gmain.c:4490)
==1430873==  Address 0x0 is not stack'd, malloc'd or (recently) free'd

==1516885==    at 0x484A126: rindex (vg_replace_strmem.c:216)
==1516885==    by 0x4353AA: submenu_completion (shell.c:1153)
==1516885==    by 0x4353AA: shell_completion (shell.c:1187)
==1516885==    by 0x4A2542B: gen_completion_matches (complete.c:1282)
==1516885==    by 0x4A2E9CD: rl_complete_internal (complete.c:2104)
==1516885==    by 0x4A257C2: _rl_dispatch_subseq (readline.c:944)
==1516885==    by 0x4A26ADF: readline_internal_char (readline.c:693)
==1516885==    by 0x4A46CE4: rl_callback_read_char (callback.c:275)
==1516885==    by 0x435E94: bt_shell_input_line (shell.c:309)
==1516885==    by 0x436A74: watch_callback (io-glib.c:173)
==1516885==    by 0x490A322: g_main_dispatch (gmain.c:3565)
==1516885==    by 0x490A322: g_main_context_dispatch_unlocked.lto_priv.0 (gmain.c:4425)
==1516885==    by 0x4913277: g_main_context_iterate_unlocked.isra.0 (gmain.c:4490)
==1516885==    by 0x491351E: g_main_loop_run (gmain.c:4695)
==1516885==  Address 0x0 is not stack'd, malloc'd or (recently) free'd

Reported-by: Wouter <wouter@xesxen.nl>



To unsubscribe from these emails, change your notification settings at https://github.com/bluez/bluez/settings/notifications

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2026-03-19 14:15 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-19 14:15 [bluez/bluez] 5c3408: shared/shell: Fix crash on bluetoothctl command co hadess

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox