[bluez/bluez] dacc69: shared/gatt-db: Fix munmap_chunk invalid pointer


 



  Branch: refs/heads/master
  Home:   https://github.com/bluez/bluez
  Commit: dacc693732634365251328159d44d1dc42bd37c5
      https://github.com/bluez/bluez/commit/dacc693732634365251328159d44d1dc42bd37c5
  Author: Frédéric Danis <frederic.danis@xxxxxxxxxxxxx>
  Date:   2024-01-12 (Fri, 12 Jan 2024)

  Changed paths:
    M src/shared/gatt-db.c

  Log Message:
  -----------
  shared/gatt-db: Fix munmap_chunk invalid pointer

PTS test GATT/CL/GAD/BV-03-C published a service starting at handle 0xfffd
and ending at 0xffff.
This resets the next_handle to 0 in gatt_db_insert_service() instead of
setting it to 0x10000. Other services are added later.
This could end up in a crash in db_hash_update() if not enough space has
been allocated for hash.iov and some entries are overwritten.

Next_handle can be replaced by a last_handle variable which will not loop
over. This can be replaced by queue_peek_tail() and computing the value,
but keeping last_handle will avoid this sort of lookup.


  Commit: ba5a1de8f8826ea55175c12a7b1122b145f350a1
      https://github.com/bluez/bluez/commit/ba5a1de8f8826ea55175c12a7b1122b145f350a1
  Author: Frédéric Danis <frederic.danis@xxxxxxxxxxxxx>
  Date:   2024-01-12 (Fri, 12 Jan 2024)

  Changed paths:
    M unit/test-gatt.c

  Log Message:
  -----------
  unit/test-gatt: Add tail setup db test

Verify that gatt_db_get_hash() does not crash when services are added
to the tail end of the db.


Compare: https://github.com/bluez/bluez/compare/c85546cba715...ba5a1de8f882
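
Added example (not BlueZ code and not part of the commits above): a simplified C model of the handle bookkeeping the first log message describes, showing a 16-bit next_handle wrapping to 0 after a service ending at 0xffff while last_handle + 1 still covers every entry. The struct, the function names and the sample services are hypothetical, and the model assumes a buffer sized from the tracker with one entry per attribute.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model, not BlueZ code: a service owns the attribute
 * handles start .. start + num - 1 in the 16-bit handle space. */
struct svc { uint16_t start, num; };

/* "Before" bookkeeping: one past the highest handle, kept in 16 bits.
 * Services are assumed to be appended in ascending handle order. */
static uint16_t next_handle_after(const struct svc *s, size_t n)
{
	uint16_t next_handle = 0;
	for (size_t i = 0; i < n; i++)
		next_handle = (uint16_t)(s[i].start + s[i].num); /* 0x10000 -> 0 */
	return next_handle;
}

/* "After" bookkeeping: the highest handle itself, which always fits. */
static uint16_t last_handle_after(const struct svc *s, size_t n)
{
	uint16_t last_handle = 0;
	for (size_t i = 0; i < n; i++) {
		uint32_t end = (uint32_t)s[i].start + s[i].num - 1; /* widened */
		if (s[i].num && end <= UINT16_MAX && end > last_handle)
			last_handle = (uint16_t)end;
	}
	return last_handle;
}

/* One buffer entry per attribute: the count a sizing value must cover. */
static size_t entries_needed(const struct svc *s, size_t n)
{
	size_t total = 0;
	for (size_t i = 0; i < n; i++)
		total += s[i].num;
	return total;
}

/* Constructed input: the last service is the 0xfffd..0xffff one from the log. */
static const struct svc sample[] = { {0x0001, 4}, {0x0010, 6}, {0xfffd, 3} };

int main(void)
{
	printf("need=%zu next_handle=%u last_handle+1=%zu\n",
	       entries_needed(sample, 3), (unsigned)next_handle_after(sample, 3),
	       (size_t)last_handle_after(sample, 3) + 1);
	return 0;
}
```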




