Hello:
This series was applied to bluetooth/bluez.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>:
On Mon, 9 Dec 2024 15:58:41 -0500 you wrote:
> From: Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>
>
> The following crash can happen if the original gatt_db has incomplete
> service definitions since the attribute might still be discovering:
>
> Invalid read of size 4
> at 0x1E5A39: bt_uuid_len (uuid.h:289)
> by 0x1E5A39: service_clone (gatt-db.c:284)
> by 0x1D5EBB: queue_foreach (queue.c:207)
> by 0x1E61CD: gatt_db_clone (gatt-db.c:329)
> by 0x1C18F0: btd_device_set_gatt_db (device.c:7110)
> by 0x1C9F96: foreach_rsi (set.c:295)
> by 0x1D5EBB: queue_foreach (queue.c:207)
> by 0x48EA91F: g_slist_foreach (in /usr/lib64/libglib-2.0.so.0.8000.3)
> by 0x1CA2C8: btd_set_add_device (set.c:357)
> by 0x1BB9AB: btd_device_add_set (device.c:2049)
> by 0x17FF76: csip_ready (csip.c:243)
> by 0x1FD5CC: csip_notify_ready (csip.c:546)
> by 0x1FD5CC: csip_idle (csip.c:630)
> by 0x1DE20C: idle_notify (gatt-client.c:171)
> Address 0xc is not stack'd, malloc'd or (recently) free'd
>
> [...]
Here is the summary with links:
- [BlueZ,v1,1/3] shared/gatt-db: Fix possible crash on gatt_db_clone
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=0d9f5f6a8c14
- [BlueZ,v1,2/3] main.conf: Add GATT.ExportClaimedServices
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=dbd6591bd1d0
- [BlueZ,v1,3/3] monitor: Allow caching of temporary gatt_db
(no matching commit)
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
