On Thu, Jun 22, 2017 at 09:18:10AM +0300, Johan Hedberg wrote: > Hi Matias, > > On Thu, Jun 22, 2017, Matias Karhumaa wrote: > > > >> It seems to me that the bug is with opp.c passing the service_data to > > > >> manager_request_authorization(), and service_data is expected to be the > > > >> obex_transfer object. However, currently the code creates this object > > > >> only upon CONNECT (in opp_connect). > > > >> > > > >> I think one possible way to solve this would be to trigger a call to > > > >> os->service->connect if CONNECT hasn't been explicitly issued, however > > > >> then the code needs to track this in some other way since service_data > > > >> seems too unreliable. > > > > > > How about the following: > > > > > > https://gist.github.com/Vudentz/1736d6af9608b9332b93858d92a3feff > > > > Your fix seems solid to me and fixes the crash with OPP. I checked ftp.c > > also and saw potentially similar problem in ftp_chkput. Should we call > > os->service->connect also in case of OBEX_FTP? > > OPP is the only service where the specification allows skipping the > connect step. This is why os->service gets pre-initialized to OPP (in > the obex_session_start function). Also, if the OPP plugin isn't > available os->service will be NULL before CONNECT, and that's something > the code already seems to check for (e.g. in cmd_put). So unless I've > misunderstood something, you shouldn't be able get to a situation where > os->service points at FTP but CONNECT hasn't been issued. Ok, understood. Actually I tried to do FTP PUT without CONNECT and I can confirm that it works as you explained. I will create a patch from the gist. Best regards, Matias Karhumaa -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html