LinuxLists.cc - [PATCH BlueZ 0/6] [v4] Fix bugs found by SVACE static analisys tool

2022-04-01 15:45:28

Subject: [PATCH BlueZ 0/6] [v4] Fix bugs found by SVACE static analisys tool

This patch set includes few fixes that was found by Linux Verification Center
(linuxtesting.org) with the SVACE static analysis tool.

I have manually filtered out non-relevant and false positive problems and only
procedeed with bugs that currently lead to some errors/vulnerabilities or may
lead to them in some specific conditions.

Changelog:
[v4] one patch was dropped due to overchecking, seems that it is not required
[v3] one fix wasn't staged, sorry, one more fix after CI checks
[v2] some minor style fixes after CI check.
[v1] initial version.

Ildar Kamaletdinov (6):
monitor: Fix out-of-bound read in print_le_states
tools: Fix buffer overflow in hciattach_tialt.c
tools: Fix signed integer overflow in btsnoop.c
tools: Limit width of fields in sscanf
device: Limit width of fields in sscanf
gatt: Fix double free and freed memory dereference

monitor/packet.c | 7 ++++---
src/device.c | 14 +++++++-------
src/gatt-database.c | 4 ++++
tools/btmgmt.c | 2 +-
tools/btsnoop.c | 2 +-
tools/hciattach_tialt.c | 3 ++-
tools/hex2hcd.c | 2 +-
7 files changed, 20 insertions(+), 14 deletions(-)

--
2.35.1

2022-04-05 00:53:32

by patchwork-bot+bluetooth

[permalink] [raw]

Subject: Re: [PATCH BlueZ 0/6] [v4] Fix bugs found by SVACE static analisys tool

Hello:

This series was applied to bluetooth/bluez.git (master)
by Luiz Augusto von Dentz <[email protected]>:

On Fri, 1 Apr 2022 15:16:41 +0300 you wrote:
> This patch set includes few fixes that was found by Linux Verification Center
> (linuxtesting.org) with the SVACE static analysis tool.
>
> I have manually filtered out non-relevant and false positive problems and only
> procedeed with bugs that currently lead to some errors/vulnerabilities or may
> lead to them in some specific conditions.
>
> [...]

Here is the summary with links:
- [BlueZ,1/6] monitor: Fix out-of-bound read in print_le_states
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=7fdfb67284a2
- [BlueZ,2/6] tools: Fix buffer overflow in hciattach_tialt.c
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=d328abaa1715
- [BlueZ,3/6] tools: Fix signed integer overflow in btsnoop.c
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=497a0b220dbd
- [BlueZ,4/6] tools: Limit width of fields in sscanf
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=1e664b9838cd
- [BlueZ,5/6] device: Limit width of fields in sscanf
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=4afbef7790ce
- [BlueZ,6/6] gatt: Fix double free and freed memory dereference
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=3627eddea130

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html