https://bugzilla.kernel.org/show_bug.cgi?id=197855

Bug ID: 197855
Summary: btbcm can use uninitialized stack fw_name to try & report firmware
Product: Drivers
Version: 2.5
Kernel Version: <=4.14-rc8
Hardware: All
OS: Linux
Tree: Mainline
Status: NEW
Severity: normal
Priority: P1
Component: Bluetooth
Assignee: linux-bluetooth@xxxxxxxxxxxxxxx
Reporter: mahatma@xxxxxxxxxxxxxx
Regression: No

Created attachment 260623
  --> https://bugzilla.kernel.org/attachment.cgi?id=260623&action=edit
pre-init fw_name in btbcm_initialize by hw id

btbcm can use uninitialized stack fw_name to try & report firmware.

fw_name is first declared in hci_bcm.c bcm_setup() and must be filled in btbcm.c btbcm_initialize().

Real hw: Lenovo Thinkpad 10 2nd, device BCM4354A2, uart. It is defined later for USB, but IMHO in this tablet it is assembled in a different wifi/bt/bus combination, so calling uart from btattach causes messages like "BCM: Patch ... not found", where "..." is random stack garbage.

I solved this problem by simply initializing fw_name in btbcm.c. I am unsure about the style of this patch (it can cause too agnostic silent firmware usage on new devices), but it just works for my device - after googling & renaming BCM4354A2.hcd to BCM-unknown-uart-230f-2.hcd, so I didn't even try to add & report the device ID to bcm_uart_subver_table (like bcm_usb_subver_table).

PS: I didn't deeply analyze the slightly changed linux-next, but at a quick look it is the same (the patch applied with fuzz). Patch for 4.14.rc8.

Also, I didn't check btbcm_setup_patchram() for the same problem.
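
The failure mode reported above, as a user-space model added here for illustration (not the kernel's code and not the attached patch): a callee that returns success without writing the caller's stack buffer, next to a variant that pre-fills it from the hardware id. The table entry, the fallback name format, the function names and the `stale` parameter are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FW_NAME_LEN 64

/* Constructed id table; the entry is hypothetical, not the driver's. */
static const struct { uint16_t subver; const char *name; } known[] = {
    { 0x1111, "CHIP-A" }, { 0, NULL }
};

/* Unpatched shape: fw_name is written only for a recognised id,
 * yet the function reports success either way. */
static int init_unpatched(uint16_t subver, char *fw_name, size_t len)
{
    for (size_t i = 0; known[i].name; i++) {
        if (known[i].subver == subver) {
            snprintf(fw_name, len, "%s.hcd", known[i].name);
            return 0;
        }
    }
    return 0; /* unknown id: caller's buffer left untouched */
}

/* Patched shape: fill fw_name from the hardware id first (hypothetical
 * fallback format), then let a table match overwrite it. */
static int init_patched(uint16_t subver, char *fw_name, size_t len)
{
    snprintf(fw_name, len, "unknown-uart-%04x.hcd", (unsigned)subver);
    return init_unpatched(subver, fw_name, len);
}

typedef int (*init_fn)(uint16_t, char *, size_t);

/* Caller model: owns fw_name and builds the "not found" message.
 * `stale` is copied in first to stand in, deterministically, for
 * whatever the stack slot held before the call. */
static const char *setup_log(init_fn init, uint16_t subver, const char *stale)
{
    static char log[128];
    char fw_name[FW_NAME_LEN];

    snprintf(fw_name, sizeof(fw_name), "%s", stale);
    init(subver, fw_name, sizeof(fw_name));
    snprintf(log, sizeof(log), "BCM: Patch %s not found", fw_name);
    return log;
}

int main(void)
{
    puts(setup_log(init_unpatched, 0x230f, "<stale stack bytes>"));
    puts(setup_log(init_patched, 0x230f, "<stale stack bytes>"));
    return 0;
}
```

In the unpatched run the log line carries whatever preceded the call in the buffer; in the patched run it always names a file derived from the id.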