[PW_SID:947676] [v1] dbus: Fix add invalid memory during interface removal #2755
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This patch adds workflow files for ci:
[sync.yml]
- runs every 30 mins.
- sync repo with upstream repo and rebase workflow branch to tip of
master.
- creates PR after reading patches from patchwork.kernel.org
[ci.yml]
- Tests the following checks:
- checkpatch
- gitlint
- make
- make check
[code_scan.yml]
- Static code checker: Coverity and Clang
- Coverity: Submit the result to the coverity website
- Clang Code Scan: Send email with result file to the internal team
To simplify the history, new change will amend to this patch without
creating new patch.
test setp
register_service <uuid>
register_application <uuid>
unregister_service <uuid>
unregister_application
register_service <uuid>
register_application <uuid>
core dump
invalidate_parent_data is called to add the service to the application's
glist when unregister_service. However, this service has already been
added to the glist of root object in register_service. This results in
services existing in both queues,but only the services in the
application's glist are freed upon removal. A null address is stored
in root object's glist, a crash dump will occur when get_object is called.
Add a check for the parent pointer to avoid adding the service again.
0 0x0000007ff7df6058 in dbus_message_iter_append_basic ()
from /usr/lib/libdbus-1.so.3
1 0x00000055555a3780 in append_object (data=0x31306666,
user_data=0x7ffffff760) at /usr/src/debug/bluez5/5.72/gdbus/object.c:1117
2 0x0000007ff7ece0cc in g_slist_foreach () from /usr/lib/libglib-2.0.so.0
3 0x00000055555a37ac in append_object (data=0x5555642cf0,
user_data=0x7ffffff760) at /usr/src/debug/bluez5/5.72/gdbus/object.c:1122
4 0x0000007ff7ece0cc in g_slist_foreach () from /usr/lib/libglib-2.0.so.0
5 0x00000055555a3630 in get_objects (connection=<optimized out>,
message=<optimized out>, user_data=0x555563b390)
at /usr/src/debug/bluez5/5.72/gdbus/object.c:1154
6 0x00000055555a51d0 in process_message (
connection=connection@entry=0x5555639310,
message=message@entry=0x5555649ac0,
method=method@entry=0x55555facf8 <manager_methods>,
iface_user_data=<optimized out>)
at /usr/src/debug/bluez5/5.72/gdbus/object.c:246
7 0x00000055555a575c in generic_message (connection=0x5555639310,
message=0x5555649ac0, user_data=<optimized out>)
Signed-off-by: Shuai Zhang <quic_shuaz@quicinc.com>
Owner
Author
|
CheckPatch |
Owner
Author
|
GitLint |
Owner
Author
|
BuildEll |
Owner
Author
|
BluezMake |
Owner
Author
|
MakeCheck |
Owner
Author
|
MakeDistcheck |
Owner
Author
|
CheckValgrind |
Owner
Author
|
CheckSmatch |
Owner
Author
|
bluezmakeextell |
Owner
Author
|
IncrementalBuild |
Owner
Author
|
ScanBuild |
github-actions
bot
force-pushed
the
workflow
branch
7 times, most recently
from
a6c8b9c to
d9941ad
Compare
github-actions
bot
force-pushed
the
workflow
branch
5 times, most recently
from
a65fdba to
89a49a5
Compare
github-actions
bot
force-pushed
the
workflow
branch
3 times, most recently
from
df874a4 to
b5c1fe6
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
test setp
register_service
register_application
unregister_service
unregister_application
register_service
register_application
core dump
invalidate_parent_data is called to add the service to the application's
glist when unregister_service. However, this service has already been
added to the glist of root object in register_service. This results in
services existing in both queues,but only the services in the
application's glist are freed upon removal. A null address is stored
in root object's glist, a crash dump will occur when get_object is called.
Add a check for the parent pointer to avoid adding the service again.
0 0x0000007ff7df6058 in dbus_message_iter_append_basic ()
from /usr/lib/libdbus-1.so.3
1 0x00000055555a3780 in append_object (data=0x31306666,
user_data=0x7ffffff760) at /usr/src/debug/bluez5/5.72/gdbus/object.c:1117
2 0x0000007ff7ece0cc in g_slist_foreach () from /usr/lib/libglib-2.0.so.0
3 0x00000055555a37ac in append_object (data=0x5555642cf0,
user_data=0x7ffffff760) at /usr/src/debug/bluez5/5.72/gdbus/object.c:1122
4 0x0000007ff7ece0cc in g_slist_foreach () from /usr/lib/libglib-2.0.so.0
5 0x00000055555a3630 in get_objects (connection=,
message=, user_data=0x555563b390)
at /usr/src/debug/bluez5/5.72/gdbus/object.c:1154
6 0x00000055555a51d0 in process_message (
connection=connection@entry=0x5555639310,
message=message@entry=0x5555649ac0,
method=method@entry=0x55555facf8 <manager_methods>,
iface_user_data=)
at /usr/src/debug/bluez5/5.72/gdbus/object.c:246
7 0x00000055555a575c in generic_message (connection=0x5555639310,
message=0x5555649ac0, user_data=)
Signed-off-by: Shuai Zhang quic_shuaz@quicinc.com
gdbus/object.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)