Received: by 2002:a05:7412:8521:b0:e2:908c:2ebd with SMTP id t33csp672953rdf;
        Fri, 3 Nov 2023 11:22:14 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IEPL+adbSYMvU8SriUG1NY27PbyGboKmJjuq79rCD72JdFgERktcFRjAsDR9tMWjPRatzc2
X-Received: by 2002:a05:6a21:6d88:b0:17e:2afd:408a with SMTP id wl8-20020a056a216d8800b0017e2afd408amr23842451pzb.5.1699035734498;
        Fri, 03 Nov 2023 11:22:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1699035734; cv=none;
        d=google.com; s=arc-20160816;
        b=L0NggwzZT9/sqyB995AUgK0yvc0I63MLCO/WBUwOPQfgnxP7yN4oIR7l13NIUYtuVk
         LKcZW7TwEanDQ83AbDwN6EwjXDpTuyiG+Z/8lkOmUFSRugiii5QJTPPvHD3jwDmXOMxD
         0EYoVNTH2BPz+nLrumh8FkwlefM66sc4l34ncoOr7QZUHW/srhcI8kijhY5LzfsI1P32
         oq7v59qCC/Cz8PFsjfo6TjQ7xkMAH/t4QVTMVeTbvYOcfhK0EjxYePAhqSR9ItOCtpJb
         Jq90iYYR5QQuoSlVafM2W+5J859vEqyLsOLg62bJjtZ/ETMapGaY9SmhtSaCMEWkeUS4
         SctA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from;
        bh=PbD8fe/Bl5d7FHLGnHJs6sjZBv1NSxlGABe/D+90Maw=;
        fh=q933pV6NrxIrJEaTU4dblERPskhjd3MnawLueTVokpc=;
        b=wBbK4CTyKjOlgrVGzZGedwL0sc67cOBGkKUAZe3Y56mFRlDm40fAHc2Of0+zATKk/d
         fbkIiiGKbMQ6SRk01e6jw4ZPf5svuk6zUjyzMVg6LocoJr4MzpDHk1XumMCcBv8mGexT
         wLnbkIX1icAoNFr65Lu0ts9l0lUgJcBSgg1rABnBYXrRODg9vFya/DqgHuMmOvI7XLXy
         cIRal9jkEmcucu5wffhFqXBQafdCTG3oMSFILWpUYfLr6SL+pCVFARZf5EJSe+0bgEHk
         BfkgHvDWH2jtWAN3/P7U+hONnuaej0r8mdeZrjavaWwJXiiQErag7SKKboV8Chfn//8i
         x54A==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Return-Path: <linux-bluetooth-owner@vger.kernel.org>
Received: from lipwig.vger.email (lipwig.vger.email. [23.128.96.33])
        by mx.google.com with ESMTPS id f6-20020a056a00238600b00690b80126b9si2009850pfc.142.2023.11.03.11.22.14
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Nov 2023 11:22:14 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by lipwig.vger.email (Postfix) with ESMTP id 2358E8081BD2;
	Fri,  3 Nov 2023 11:22:03 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S233381AbjKCSWD (ORCPT <rfc822;antoine.nauzet@gmail.com>
        + 99 others); Fri, 3 Nov 2023 14:22:03 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57152 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230197AbjKCSWC (ORCPT
        <rfc822;linux-bluetooth@vger.kernel.org>);
        Fri, 3 Nov 2023 14:22:02 -0400
Received: from mout-p-202.mailbox.org (mout-p-202.mailbox.org [80.241.56.172])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5DFBAD42
        for <linux-bluetooth@vger.kernel.org>; Fri,  3 Nov 2023 11:21:59 -0700 (PDT)
Received: from smtp1.mailbox.org (smtp1.mailbox.org [IPv6:2001:67c:2050:b231:465::1])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
        (No client certificate requested)
        by mout-p-202.mailbox.org (Postfix) with ESMTPS id 4SMTbj5KGyz9t0M;
        Fri,  3 Nov 2023 19:21:53 +0100 (CET)
From:   =?UTF-8?q?Jonas=20Dre=C3=9Fler?= <verdre@v0yd.nl>
To:     linux-bluetooth@vger.kernel.org
Cc:     zbrown@gnome.org, =?UTF-8?q?Jonas=20Dre=C3=9Fler?= <verdre@v0yd.nl>
Subject: [PATCH BlueZ 0/4] Fix an allocation oversight in SDP parsing
Date:   Fri,  3 Nov 2023 19:21:46 +0100
Message-ID: <20231103182150.60088-1-verdre@v0yd.nl>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 4SMTbj5KGyz9t0M
X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE
	autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email
Precedence: bulk
List-ID: <linux-bluetooth.vger.kernel.org>
X-Mailing-List: linux-bluetooth@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Fri, 03 Nov 2023 11:22:03 -0700 (PDT)

There's fairly old oversight in the SDP parsing code where it was forgotten to
add a NULL termination byte to strings that are later handled using strlen().

This series fixes that oversight, with a few commits to better follow best
practices on top.

Found by running with address sanitizer.

Jonas Dreßler (4):
  lib/sdp: Allocate strings in sdp_data_t with NULL termination
  lib/sdp: Don't assume uint8_t has size 1
  lib/sdp: Use correct string length in sdp_copy_seq()
  lib/sdp: Pass size_t to sdp_get_string_attr()

 lib/sdp.c     | 15 ++++++++-------
 lib/sdp_lib.h | 14 +++++++-------
 2 files changed, 15 insertions(+), 14 deletions(-)

-- 
2.41.0