Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp1209391pxb;
        Fri, 1 Apr 2022 07:27:04 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxINTzP4i4qFs+3i9apo7xX3ZDT3p/tMenfj0L7kDp/AlNBZvDJGvX/uPYqYSwq0pvtGPps
X-Received: by 2002:a05:6a00:244a:b0:4fa:ebf9:75de with SMTP id d10-20020a056a00244a00b004faebf975demr11070280pfj.73.1648823224260;
        Fri, 01 Apr 2022 07:27:04 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1648823224; cv=none;
        d=google.com; s=arc-20160816;
        b=DOzvWy6KIGQB7beQQ0sZavO+q9Fl+0FUFljDKDoKI/Khh3k1yj63yacEd1x5k1Ffjn
         ojvMuyRu3ysuHUthBFkdEBsZasjDZ8bJRpYjXNgSsCVtnfRkGkXCUfUywTvUmnOlrEek
         v48m1fimYJUV0GZ89JtFqXuuLnOl+pvI89BouLoBEztg+tF/FnX1FRbOex+asmCFRZJk
         lj6GqoIvQmDDMZt5sC00wtnGzavECpmDetQLipmJPXHsuW3NRVGkFuLfJwu2YMPAyKc5
         H7mGANEDYEJ9X1jr5foBYBW2oaqxFUXbwvO7qc4k2WtbSQBdXuy3+6iXBk+e44CulHY0
         2Osw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-filter;
        bh=SA9E7vMxEZ5XqkzsxuRdt0mz9qYisvqgS8bzbvywuHY=;
        b=GsBxlGqdgWRrrBe92q86lBxMXlOf+waFc28Uh0psQUkF4TCIEUoEAUrI+eIVt5Yywt
         1X4Ka5L2V9lkWgN8THRUtY4xApaWb3qw4mKiBmaJCvoOk1CKt3WF/TFRHGbavzMV5W6s
         SYCQq0HbQxibq1PR4yO8myKnsw9tfZ3k77mcBedTto0Q4RAbikYm6assjizPcBL069eI
         F5LwkQeS52Ioz6R7HFxRHqABxuHJJ62+O6MgZs8/cEfB5YDCEpLZgzpk5vsgGhoxgjfl
         iPgLP7KmTGdRgcv0gCZ2WdDGQ2lRFd+q7LhvfM0qi+UaxfZ7OHkTjLV3dwlo25OvfY4j
         IN+w==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Return-Path: <linux-bluetooth-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id w27-20020a63475b000000b003816043f122si2591671pgk.791.2022.04.01.07.26.49;
        Fri, 01 Apr 2022 07:27:04 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1343546AbiDAK37 (ORCPT <rfc822;bopamo@gmail.com> + 99 others);
        Fri, 1 Apr 2022 06:29:59 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38824 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1343558AbiDAK34 (ORCPT
        <rfc822;linux-bluetooth@vger.kernel.org>);
        Fri, 1 Apr 2022 06:29:56 -0400
Received: from mxout04.lancloud.ru (mxout04.lancloud.ru [45.84.86.114])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C025526E56F
        for <linux-bluetooth@vger.kernel.org>; Fri,  1 Apr 2022 03:28:05 -0700 (PDT)
Received: from LanCloud
DKIM-Filter: OpenDKIM Filter v2.11.0 mxout04.lancloud.ru CAD2220C8D4E
Received: from LanCloud
Received: from LanCloud
Received: from LanCloud
From:   Ildar Kamaletdinov <i.kamaletdinov@omp.ru>
To:     <linux-bluetooth@vger.kernel.org>
CC:     Ildar Kamaletdinov <i.kamaletdinov@omp.ru>
Subject: [PATCH BlueZ 0/7] v2 Fix bugs found by SVACE static analisys tool
Date:   Fri, 1 Apr 2022 13:27:50 +0300
Message-ID: <20220401102757.3960551-1-i.kamaletdinov@omp.ru>
X-Mailer: git-send-email 2.35.1
MIME-Version: 1.0
Content-Transfer-Encoding: 7BIT
Content-Type:   text/plain; charset=US-ASCII
X-Originating-IP: [192.168.11.198]
X-ClientProxiedBy: LFEXT01.lancloud.ru (fd00:f066::141) To
 LFEX1910.lancloud.ru (fd00:f066::80)
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE,
        SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-bluetooth.vger.kernel.org>
X-Mailing-List: linux-bluetooth@vger.kernel.org

This patch set includes few fixes that was found by Linux Verification Center
(linuxtesting.org) with the SVACE static analysis tool.

I have manually filtered out non-relevant and false positive problems and only
procedeed with bugs that currently lead to some errors/vulnerabilities or may
lead to them in some specific conditions.

Changelog:
v2 some minor style fixes after CI check.
v1 initial version.

Ildar Kamaletdinov (7):
  monitor: Fix out-of-bound read in print_le_states
  tools: Fix buffer overflow in hciattach_tialt.c
  tools: Fix signed integer overflow in btsnoop.c
  tools: Prevent infinity loops in bluemoon.c
  tools: Limit width of fields in sscanf
  device: Limit width of fields in sscanf
  gatt: Fix double free and freed memory dereference

 monitor/packet.c        |  5 +++--
 src/device.c            | 14 +++++++-------
 src/gatt-database.c     |  4 ++++
 tools/bluemoon.c        | 13 +++++++++++++
 tools/btmgmt.c          |  2 +-
 tools/btsnoop.c         |  2 +-
 tools/hciattach_tialt.c |  3 ++-
 tools/hex2hcd.c         |  2 +-
 8 files changed, 32 insertions(+), 13 deletions(-)

-- 
2.35.1