Sending this mail again due to HTML mails not being allowed. Hi Luiz, The patch did not fix my issue. The issue described in the bugzilla ticket was an error in the mgmt.c module. I do not see any direct correlation between your patch and the error i am encountering. I have tried your patch on mainline (5.18) and got the same strlen bug when executing the example program I have attached to the bugzilla ticket. I think strlen in the mgmt.c module needs to be replaced by strnlen. I have attached a patch with these changes to this mail. After applying this patch the error could not be reproduced for me. However, I am not sure, if the changes you have made in the eir.c module are also prudent and could fix similar issues (I am not familiar with this). Regards, Tom Unbehau
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index d2d390534e54..8e528fad2264 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c @@ -1082,11 +1082,11 @@ static u16 append_eir_data_to_buf(struct hci_dev *hdev, u8 *eir) eir_len = eir_append_le16(eir, eir_len, EIR_APPEARANCE, hdev->appearance); - name_len = strlen(hdev->dev_name); + name_len = strnlen(hdev->dev_name, sizeof(hdev->dev_name)); eir_len = eir_append_data(eir, eir_len, EIR_NAME_COMPLETE, hdev->dev_name, name_len); - name_len = strlen(hdev->short_name); + name_len = strnlen(hdev->short_name, sizeof(hdev->short_name)); eir_len = eir_append_data(eir, eir_len, EIR_NAME_SHORT, hdev->short_name, name_len);
