Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp2240974pxb; Fri, 25 Mar 2022 13:43:18 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyau3IxJkJQAVnJ9bdPuw8SE1LawvAwWSKmDE4T1DvV5IiCHxBQlHNCAZ3gfCTi6ak6YbAy X-Received: by 2002:a17:90b:1e0e:b0:1c7:5b03:1d8b with SMTP id pg14-20020a17090b1e0e00b001c75b031d8bmr25168371pjb.121.1648240998367; Fri, 25 Mar 2022 13:43:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1648240998; cv=none; d=google.com; s=arc-20160816; b=ANr68HiFQvzfg4efSgZo7jU+u0SxAHUdnJwgL2Hegguy0P4oEI5DAGSPt4OBQ0Pq12 pZ6d4gwlu/qEl464kduEGhiDrWalnF391HxsbKoXuuspwNFnujFhXHRuwwijyGiuYiJz PqNk3qI7F5Np74hyDhMg+fo2NbibemAzcsxtwy3m4YOxCXRPq8qqimLDBy0qNJMxAeN5 SBoz5Nd84xr4VDwDc8pxBt6qMRGZnptNs7OEX9BJi+lr8oNWDZ6rfM3AbE/TCxfJ1AmV XCq046kppEwI8kTruuI9S52jcaDFOi07EByMi3+Adu2xfmegquDkT4gvez/Ki4GoO4QV TAAg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=h8tP4p9WVKUrN45fwRBffMVFEJ56LowfBUZ8FA8do7I=; b=r14zlLbEsZK0nZOPm8MOUEVnytVfL86WHiP54Db5ZoY8/qrKR8IMdjNky9irpIRBql ixWdAf3Zphm6585UKsTkqD/cCCG9mn26P4B+jwXDghHVy3Ske2uWnAeVYYWkJEfx3juB JyEuDbxXgISxkjjDaC8VO0nUXLe0tJVPqubPTCXcPYgqJC8ll8ebInul1xH+sbJTzzPd KWxoKOAj3B5bfOgUtP7EVEL5lznqUXd/CLcCJ9k9PgIERik5GELIHMWNiLEIBrypMfmo n8hkVF8ckp9fiRnluf2EmyzwKa0bf0lFSG3BkO3ENrwjw2/dp7IucqdT9jP+q3NsnPHt Z6Gg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=q3KvfYof; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id j9-20020a17090a060900b001bd14e01f6csi6908955pjj.90.2022.03.25.13.43.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 25 Mar 2022 13:43:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=q3KvfYof; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 57BE726AD8; Fri, 25 Mar 2022 13:07:05 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232327AbiCYUId (ORCPT + 99 others); Fri, 25 Mar 2022 16:08:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56724 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232897AbiCYUI0 (ORCPT ); Fri, 25 Mar 2022 16:08:26 -0400 Received: from mail-yw1-x1135.google.com (mail-yw1-x1135.google.com [IPv6:2607:f8b0:4864:20::1135]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0E79541626 for ; Fri, 25 Mar 2022 13:06:12 -0700 (PDT) Received: by mail-yw1-x1135.google.com with SMTP id 00721157ae682-2d07ae0b1c4so93824407b3.11 for ; Fri, 25 Mar 2022 13:06:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=h8tP4p9WVKUrN45fwRBffMVFEJ56LowfBUZ8FA8do7I=; b=q3KvfYofXvNmYudWBr2vybHaTPKLpaKtoBdTmvCcg4nBQtMneuBOENY+6w47O0bgD7 wa+F3qF2fweCHWN08zRb4RBmjmxMFWTtknDd4jnfh4YHTL2v2g7XvwYtKDsqAEu6BRud S2fNIo7S14TF/oeb2Q1VseYGcf/elaTJVSYM1ddp5ovx41IBy4M/0hzFWKsofTwhrbyo sJeB5aOqxHto0wYIiYPIaa3/gmz/YjmQJUrm2Vl5fER+fMZzwiYn+rcDUmJm2nFSIsZi 6A9GTHu+S/6I+Tyh3wTwcVnyk3S2evaDS9K42BvFr2FAK/un6Qp/9GioFYxg+ZdLpwY9 CQHw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=h8tP4p9WVKUrN45fwRBffMVFEJ56LowfBUZ8FA8do7I=; b=iCJsP/n3Oo26zCKh9Q2jmlfmoQikqTfP4SRMTgpbpSWtPahHPi5V5UXJo4zvHOtdI4 TSBxpBKPYlB7Bw3CXIDc8xU6tgU/7XMJx0fdm6eba9bNCS0noIfvuLriw5qDMNQw13x6 zoAaqZSRLYV0hxG3wcL7d7XNmI7AEgtl03I4msXvUByioM6L6ir5T4ftXUWG2BNoI7qM 9sCdVXiCu3BXYQuVDrxFZk3Qv1v+Fu/DV4B0Tqa1g2PxrELQ+Ev7lwcuT8jSpk9+8IRQ 9fuGF8uFfVeRpd4sEwIiYrVgbj0Q0KjIJKsTif6glGaAxHXZR0AiZ2VlSNd90kY2zJB/ 6R1Q== X-Gm-Message-State: AOAM532j/NHbg5alXkiH9ycqNXUXtcyV9RmAym2uVM9hy3uz8Xkl7Qmn vKJhBvqQeKNmufT//MgX/uemnv7H+8f83YG9SIdOxfJC X-Received: by 2002:a0d:d84f:0:b0:2e5:f8f1:7272 with SMTP id a76-20020a0dd84f000000b002e5f8f17272mr12836136ywe.376.1648238771096; Fri, 25 Mar 2022 13:06:11 -0700 (PDT) MIME-Version: 1.0 References: <20220325092706.17135-1-frederic.danis@collabora.com> In-Reply-To: <20220325092706.17135-1-frederic.danis@collabora.com> From: Luiz Augusto von Dentz Date: Fri, 25 Mar 2022 13:06:00 -0700 Message-ID: Subject: Re: [PATCH] a2dp: Fix crash when SEP codec has not been initialized To: =?UTF-8?B?RnLDqWTDqXJpYyBEYW5pcw==?= Cc: "linux-bluetooth@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RDNS_NONE, SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org Hi Fr=C3=A9d=C3=A9ric, On Fri, Mar 25, 2022 at 12:53 PM Fr=C3=A9d=C3=A9ric Danis wrote: > > If SEP has not been properly discovered avdtp_get_codec may return NULL > thus causing crashes such as when running AVRCP/TG/VLH/BI-01-C after > AVRCP/TG/RCR/BV-04-C > --- > profiles/audio/a2dp.c | 17 ++++++++++++++--- > 1 file changed, 14 insertions(+), 3 deletions(-) > > diff --git a/profiles/audio/a2dp.c b/profiles/audio/a2dp.c > index f761dbe54..7da008071 100644 > --- a/profiles/audio/a2dp.c > +++ b/profiles/audio/a2dp.c > @@ -1995,7 +1995,12 @@ static gboolean get_codec(const GDBusPropertyTable= *property, > { > struct a2dp_remote_sep *sep =3D data; > struct avdtp_service_capability *cap =3D avdtp_get_codec(sep->sep= ); > - struct avdtp_media_codec_capability *codec =3D (void *) cap->data= ; > + struct avdtp_media_codec_capability *codec; > + > + if (!cap) > + return FALSE; > + > + codec =3D (void *) cap->data; > > dbus_message_iter_append_basic(iter, DBUS_TYPE_BYTE, > &codec->media_codec_type)= ; > @@ -2008,10 +2013,16 @@ static gboolean get_capabilities(const GDBusPrope= rtyTable *property, > { > struct a2dp_remote_sep *sep =3D data; > struct avdtp_service_capability *service =3D avdtp_get_codec(sep-= >sep); > - struct avdtp_media_codec_capability *codec =3D (void *) service->= data; > - uint8_t *caps =3D codec->data; > + struct avdtp_media_codec_capability *codec; > + uint8_t *caps; > DBusMessageIter array; > > + if (!service) > + return FALSE; > + > + codec =3D (void *) service->data; > + caps =3D codec->data; > + > dbus_message_iter_open_container(iter, DBUS_TYPE_ARRAY, > DBUS_TYPE_BYTE_AS_STRING, &array)= ; > > -- > 2.25.1 We should either have a .exist callback or not have the endpoint registered if its codec is not available, I'm leaning toward the latter given that it is useless to have the endpoint if it cannot be used without the codec information. --=20 Luiz Augusto von Dentz