From: patchwork-bot+bluetooth@kernel.org
To: Yuxuan-Hu <20373622@buaa.edu.cn>
Cc: marcel@holtmann.org, johan.hedberg@gmail.com,
luiz.dentz@gmail.com, linux-bluetooth@vger.kernel.org,
linux-kernel@vger.kernel.org, baijiaju1990@gmail.com,
sy2239101@buaa.edu.cn, pmenzel@molgen.mpg.de
Subject: Re: [PATCH V3] Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
Date: Mon, 08 Jan 2024 18:00:24 +0000 [thread overview]
Message-ID: <170473682437.30343.8024937175045116311.git-patchwork-notify@kernel.org> (raw)
In-Reply-To: <20240103091043.3379363-1-20373622@buaa.edu.cn>
Hello:
This patch was applied to bluetooth/bluetooth-next.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@intel.com>:
On Wed, 3 Jan 2024 17:10:43 +0800 you wrote:
> During our fuzz testing of the connection and disconnection process at the
> RFCOMM layer, we discovered this bug. By comparing the packets from a
> normal connection and disconnection process with the testcase that
> triggered a KASAN report. We analyzed the cause of this bug as follows:
>
> 1. In the packets captured during a normal connection, the host sends a
> `Read Encryption Key Size` type of `HCI_CMD` packet
> (Command Opcode: 0x1408) to the controller to inquire the length of
> encryption key.After receiving this packet, the controller immediately
> replies with a Command Completepacket (Event Code: 0x0e) to return the
> Encryption Key Size.
>
> [...]
Here is the summary with links:
- [V3] Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
https://git.kernel.org/bluetooth/bluetooth-next/c/6ec00b0737fe
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
next prev parent reply other threads:[~2024-01-08 18:00 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-03 9:10 [PATCH V3] Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security Yuxuan Hu
2024-01-08 18:00 ` patchwork-bot+bluetooth [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-01-03 9:02 Yuxuan Hu
2024-01-08 11:28 ` Yuxuan-Hu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=170473682437.30343.8024937175045116311.git-patchwork-notify@kernel.org \
--to=patchwork-bot+bluetooth@kernel.org \
--cc=20373622@buaa.edu.cn \
--cc=baijiaju1990@gmail.com \
--cc=johan.hedberg@gmail.com \
--cc=linux-bluetooth@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luiz.dentz@gmail.com \
--cc=marcel@holtmann.org \
--cc=pmenzel@molgen.mpg.de \
--cc=sy2239101@buaa.edu.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox