Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp1075483rwb; Thu, 6 Oct 2022 08:10:45 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6YYEKHI/isg+v38A9MlSKKIYmVS8bopWf3T10ZdJQAVbESwM4kdWXxi2dAYv7xSuXfalc6 X-Received: by 2002:a17:907:a48:b0:77c:51b0:5aeb with SMTP id be8-20020a1709070a4800b0077c51b05aebmr258655ejc.61.1665069044847; Thu, 06 Oct 2022 08:10:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1665069044; cv=none; d=google.com; s=arc-20160816; b=PYxqUGITeDVqf8ZmDhvI6rp7cm2o8QTQh+HgVDY1Lw8EhTAZVkH88NqV4z4mIgNpPg vAOzHJEC9uj+WpckMGmd2Q7Ig4bDikgiAbkRboJ1a5jNwRrhae4yRSlDQn+eVRIi/il3 25vsPUlMdwn52tfgoDjAoAzPBP6Jde2Fj9GVZA9tOCBlpkFQBXh8IMZUcbrEbhW/o4wO HsbnE5/T8MKk5uF2izigKHVSHEN+e2NSyov9bnbqf0x+kwDYsZuYSYk4fjAurqU+dWf/ x6zAe4sot8R717+OpdFY3Z5Safn7SgttjisdYovjNUzgfsuuEIlNI35+D8xVJYYesTa0 Dp9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=TPNj52iUGu/A+1ayMHKlb14cn4+M+G1UyKg4j5P5wxs=; b=rL+JvcGwc1o7te9uNHj6GmhmPXPrE4gEjzJ89U5MB1TKihTrt/VcE9Zm9N9UC4IuK+ /sMnxNYZCrs3ft6aMBqV+f/wJby5TorbuXWSMW0BJyiD/13U1broXeYrBIsCb7ORg6Ni zPcG/0Fc8ruVr6ReWuKC6QrlBELI2jGwicfAGky7F8heZbBNbN9PYa8/xaOqLSoOYv0K IpWPbGRxQMAXCGQSjPJhnPWNQqPVBKbZOhClgj+PoBG6jw4rIXGUna9CwVQTv/gcTn4T Wb6rkyH/MVsVoEDbiISrPwEVJT6763TRjV7D5kgoqdQSSptgOF/UlkCji8P+d9AmY7SD R2Ug== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l14-20020a170906794e00b00741a16e8562si18635431ejo.826.2022.10.06.08.10.06; Thu, 06 Oct 2022 08:10:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229555AbiJFPAF (ORCPT + 99 others); Thu, 6 Oct 2022 11:00:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49146 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231805AbiJFO76 (ORCPT ); Thu, 6 Oct 2022 10:59:58 -0400 Received: from voyager.loytec.com (voyager.loytec.com [88.198.4.4]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C7CFD1F9EF for ; Thu, 6 Oct 2022 07:59:54 -0700 (PDT) Received: from 212-17-98-152.static.upcbusiness.at ([212.17.98.152] helo=lexx.office.loytec.com) by voyager.loytec.com with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1ogSLo-0006ra-1b for linux-bluetooth@vger.kernel.org; Thu, 06 Oct 2022 16:59:52 +0200 Received: from loytec-dev-vm.delta.corp ([10.101.25.21]) by lexx.office.loytec.com (8.15.2/8.15.2/Some OS 1.2.3-4.5) with ESMTP id 296ExnRE4163430; Thu, 6 Oct 2022 16:59:49 +0200 From: Isak Westin To: linux-bluetooth@vger.kernel.org Cc: Isak Westin Subject: [PATCH BlueZ 2/6] mesh: provisionee: Handle unknown PDUs Date: Thu, 6 Oct 2022 16:59:23 +0200 Message-Id: <20221006145927.32731-3-isak.westin@loytec.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20221006145927.32731-1-isak.westin@loytec.com> References: <20221006145927.32731-1-isak.westin@loytec.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SA-Exim-Connect-IP: 212.17.98.152 X-SA-Exim-Mail-From: isak.westin@loytec.com X-SA-Exim-Scanned: No (on voyager.loytec.com); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org If an unknown PDU is received during provisioning, the provisioning should fail with "Invalid PDU". --- mesh/prov-acceptor.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/mesh/prov-acceptor.c b/mesh/prov-acceptor.c index f579a143b..ac257b170 100644 --- a/mesh/prov-acceptor.c +++ b/mesh/prov-acceptor.c @@ -399,6 +399,12 @@ static void acp_prov_rx(void *user_data, const uint8_t *data, uint16_t len) l_debug("Provisioning packet received type: %2.2x (%u octets)", type, len); + if (type >= L_ARRAY_SIZE(expected_pdu_size)) { + l_error("Unknown PDU type: %2.2x", type); + fail.reason = PROV_ERR_INVALID_PDU; + goto failure; + } + if (type == prov->previous) { l_error("Ignore repeated %2.2x packet", type); return; @@ -408,8 +414,7 @@ static void acp_prov_rx(void *user_data, const uint8_t *data, uint16_t len) goto failure; } - if (type >= L_ARRAY_SIZE(expected_pdu_size) || - len != expected_pdu_size[type]) { + if (len != expected_pdu_size[type]) { l_error("Expected PDU size %d, Got %d (type: %2.2x)", len, expected_pdu_size[type], type); fail.reason = PROV_ERR_INVALID_FORMAT; -- 2.20.1