Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp708360pxa; Fri, 14 Aug 2020 16:07:09 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx3qzMqoUaOEKiwQDXj2jtgVG+i4V3njHfazaOZe8rp0Tiewf8BIFl492YgAmuSmX1d9DMZ X-Received: by 2002:a50:954d:: with SMTP id v13mr4583698eda.337.1597446428871; Fri, 14 Aug 2020 16:07:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1597446428; cv=none; d=google.com; s=arc-20160816; b=gBQUjiOPULHqGRLyCiwQOyCsSn3YdLgVru+BMSMa09+2/l3anOwlS9PoDnHt3qfU/E BhoyhdAe2if3uzIJWPs/s3AuwryLt9k4BWPJ6moxoI0eWZh0L0UQIlPf4FgDvOXArKSH mfZ0rT04+FJ4s5TggAqL2MP3nHMR/Ki2nRy47YvRYL3sawpupkOMRmEuoCGSfQ/mnES1 +C6WYeh9kxC3/o/MivVqldbA8/04W3MyHjvxBF/trzB+cIoH89JrFklgdpT8czxNKIYD 1UsQTtA4nyoOKMZmonO+47d8VY9dnUeIWTxlxfmKvm9K9zpT3tImnHjgcAa1BiRGrBiC SRaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:mime-version :message-id:date:dkim-signature; bh=DYBPrA8sCUr9nfv4S2QQxK9888V5PiTctZCZCYiPjog=; b=mkhZnDRiOKYXAnxmiTbc4D/yIW7qg2Lx3bUHAKjRQa9pU0vpTxX41dJBPSZFrpdg5+ 54k5U+dEknIRZbhTggVi+F1s/pZO8vBHKFXsK/sl2p/j3XSMDhK/wii4SdfnRin8V3qU s2MY2JupHMfk0VcdpjWsiR29VIeEWu7MutunRCtStiOvlsG6/5QVFzVz+zdB7K7V387u MsHxR3LZF6JsGgLiAtFIOMxYh08VbXUb79k6M4yW51GHuIlB1CFErqzKpX2Q26A2M5PK SADtPeuJdxl0fQIgK08spGf3kYmVRZWm14KQHcpY93czPN8CsHXiXHeRZ1iSZR6fxF8M aOaA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=U3orD6F3; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g6si6261410ejr.426.2020.08.14.16.06.35; Fri, 14 Aug 2020 16:07:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=U3orD6F3; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726241AbgHNW6Y (ORCPT + 99 others); Fri, 14 Aug 2020 18:58:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60080 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726213AbgHNW6X (ORCPT ); Fri, 14 Aug 2020 18:58:23 -0400 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D70F9C061385 for ; Fri, 14 Aug 2020 15:58:23 -0700 (PDT) Received: by mail-pj1-x104a.google.com with SMTP id t13so7255943pjd.0 for ; Fri, 14 Aug 2020 15:58:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=DYBPrA8sCUr9nfv4S2QQxK9888V5PiTctZCZCYiPjog=; b=U3orD6F3Izflh9/TcLR+xnPcE9gpu7GMgVOivUGX+0/T5eFnMUJKcnArweJMGsr4Jj 6smMB4lntcFs9sOUQz+VS6OMvC1BCbuhs4Ij5wZbOGapJdLT/aoR82X7/aLvYhihZpSO ePNcpjlUjWohdtOiJJK6uUorDbW1Np96+l4EI2R3EEDVDcTuaHnkYrjcjIgLEgYPsvgN nlYi6fgL1O5MlFHJfXvUCoKuUCepl01y/Fvll63tDj0sXVXNlGqD2aeHSrMuy3ShtKLf H3VjKaiY1Nkw+1lJNGgZe63DfOTx/u+UPOoP5P+DO+xBMLqNPqXhLMdwdE5CbC/EYqjR C7UA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=DYBPrA8sCUr9nfv4S2QQxK9888V5PiTctZCZCYiPjog=; b=MqzZ1OKNQySwKh+YfjlEZAxgo5wZTJsK7ssESY40e3eIO7Hp+Zy+0B4N8LaXIAKVVP lUtzuSRTOCTq/XZ2vxBnEQS03vZ9PQS3dCKnLb0EsPWb+jSZYksj5t9jG/wt8SvbTKIP Avo1BFLf6r0DGpv+/ZTXnFaMJzACa19Dex+j+0asiI8Y2ZY8xAaEkOn7arxMkFhxjtzS qrpYVzqLOLelMj95O+UgTmju44/lJ0wzLTma50j824dkQpFbeny3bYZMIlLK4xQdVwKF LKuB3XeryL7VEvvxEOG16hxH3SDVQTG7muDuml5MbIUzF4bUSw5MP2wRKFl7ihs3MgFx Mw2g== X-Gm-Message-State: AOAM530Ot15v6Zcg0AOZLkQhiK1W5C7WHbppGQwbBgUdrj7StWpoTo58 rfVWM+a6ofupZdvyIzY3u65fMDue5sQ9M89JeAb5 X-Received: by 2002:a17:90b:193:: with SMTP id t19mr4018900pjs.162.1597445902591; Fri, 14 Aug 2020 15:58:22 -0700 (PDT) Date: Fri, 14 Aug 2020 15:58:18 -0700 Message-Id: <20200814155807.Bluez.1.Ia90c97ad9ec0b51b7aaae1216864e8379c1470d5@changeid> Mime-Version: 1.0 X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [Bluez PATCH] advertising: Fix dbus response for over-advertising From: Daniel Winkler To: simon.mikuda@streamunlimited.com, linux-bluetooth@vger.kernel.org Cc: chromeos-bluetooth-upstreaming@chromium.org, Daniel Winkler , Sonny Sasaka Content-Type: text/plain; charset="UTF-8" Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org client_free would always send a dbus method_return to fix the case where a request to Unregister occurred before the MGMT call returned. However, in the code path where too many advertisements are registered, this method_return prevents the failure from being sent properly. This patch makes sure the reference to the register_advertisement DBusMessage is not stored in the client structure until the end of register_advertisement. This ensures that we only respond once, either in register_advertisement or in client_free, not both. It also changes the dbus response in the fast unregister_advertisement case from a method_return to a btd_error_failed, since the registration was never allowed to complete, and thus was not successful. The patch was tested in the following ways: To verify it did not break the segfault fix in caff2b48ca54bbc57b5da3f63317767489aa5b48, I repro'd the failure by quickly unregistering after registering, and verified that the segfault is still fixed with this change. Ran through our automated tests that register too many advertisements and verify that the registration fails with the intended "Maximum Advertisements Reached" error response. Reviewed-by: Sonny Sasaka --- src/advertising.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/advertising.c b/src/advertising.c index 076d591b6..e5f25948d 100644 --- a/src/advertising.c +++ b/src/advertising.c @@ -119,9 +119,13 @@ static void client_free(void *data) } if (client->reg) { - g_dbus_send_message(btd_get_dbus_connection(), - dbus_message_new_method_return(client->reg)); + DBusMessage *reply; + + reply = btd_error_failed(client->reg, + "Failed to complete registration"); + g_dbus_send_message(btd_get_dbus_connection(), reply); dbus_message_unref(client->reg); + client->reg = NULL; } if (client->add_adv_id) @@ -1152,8 +1156,6 @@ static struct btd_adv_client *client_create(struct btd_adv_manager *manager, g_dbus_client_set_proxy_handlers(client->client, client_proxy_added, NULL, NULL, client); - client->reg = dbus_message_ref(msg); - client->data = bt_ad_new(); if (!client->data) goto fail; @@ -1216,6 +1218,8 @@ static DBusMessage *register_advertisement(DBusConnection *conn, DBG("Registered advertisement at path %s", match.path); + client->reg = dbus_message_ref(msg); + queue_push_tail(manager->clients, client); return NULL; -- 2.28.0.220.ged08abb693-goog