summaryrefslogtreecommitdiff
path: root/lib/uuid.c
Commit message (Collapse)AuthorAgeFilesLines
* uuid: Fix crashing if a NULL string is passed to bt_string_to_uuidLuiz Augusto von Dentz2022-02-091-0/+3
| | | | | bt_string_to_uuid shall chack if the string is valid before attempting to access its contents.
* lib/uuid: Fix string to uuid32 conversionArchie Pusaka2021-05-241-1/+1
| | | | | | Use strtoul to prevent 32 bit overflow Reviewed-by: Yun-Hao Chung <howardchung@chromium.org>
* lib: Add SPDX License IdentifierTedd Ho-Jeong An2020-09-211-14/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds SPDX License Identifier and removes the license text. ------------------------------------- License COUNT ------------------------------------- GPL-2.0-or-later : 18 GPL-2.0-only : 1 License: GPL-2.0-or-later lib/sco.h lib/sdp.c lib/a2mp.h lib/uuid.h lib/bluetooth.h lib/hidp.h lib/rfcomm.h lib/hci.c lib/sdp.h lib/sdp_lib.h lib/bluetooth.c lib/mgmt.h lib/hci.h lib/uuid.c lib/l2cap.h lib/bnep.h lib/hci_lib.h lib/cmtp.h License: GPL-2.0-only lib/amp.h
* lib/uuid: Fix using unitialized valuesLuiz Augusto von Dentz2016-07-291-2/+5
| | | | | | | | | | | | | | | | | | | | | | | The strings passed to bt_uuid_strcmp may not be valid UUIDs so the return of bt_string_to_uuid needs to be checked otherwise bt_uuid_cmp may attempt to access unitialized values: Conditional jump or move depends on uninitialised value(s) at 0x4C1D4D: bt_uuid_to_uuid128 (uuid.c:78) by 0x4C1F22: bt_uuid_cmp (uuid.c:131) by 0x4C24A8: bt_uuid_strcmp (uuid.c:286) by 0x40F8A8: reconnect_match (policy.c:514) by 0x40F8A8: service_cb (policy.c:655) by 0x499331: change_state (service.c:109) by 0x499BBB: btd_service_connecting_complete (service.c:361) by 0x4178C1: stream_state_changed (source.c:163) by 0x422C78: avdtp_sep_set_state (avdtp.c:1013) by 0x42372A: handle_transport_connect (avdtp.c:844) by 0x423D8B: avdtp_connect_cb (avdtp.c:2326) by 0x465BBB: connect_cb (btio.c:232) by 0x50CA702: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.4800.1) Uninitialised value was created by a stack allocation at 0x4C2460: bt_uuid_strcmp (uuid.c:280)
* uuid: fix 1 byte stack overflowCody P Schafer2016-03-091-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | scanf requires that '[' convertion specifiers have enough room for all characters in the string, _plus a terminating null byte_. We were previously not providing room for the terminating null byte. This was detected by AddressSanitizer: ==15036==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffe4e774401 at pc 0x7fd33f572c98 bp 0x7ffe4e774270 sp 0x7ffe4e7739f8 WRITE of size 2 at 0x7ffe4e774401 thread T0 #0 0x7fd33f572c97 in scanf_common /build/gcc-multilib/src/gcc-5-20160209/libsanitizer/sanitizer_common/sanitizer_common_interceptors_format.inc:340 #1 0x7fd33f5739ea in __interceptor_vsscanf /build/gcc-multilib/src/gcc-5-20160209/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:769 #2 0x7fd33f573b49 in __interceptor_sscanf /build/gcc-multilib/src/gcc-5-20160209/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:793 #3 0x650db5 in is_base_uuid128 lib/uuid.c:191 #4 0x65196e in bt_string_to_uuid lib/uuid.c:267 #5 0x56f28e in parse_uuid src/gatt-database.c:1473 #6 0x5729e0 in database_add_service src/gatt-database.c:2053 #7 0x57329f in database_add_app src/gatt-database.c:2106 #8 0x573adc in client_ready_cb src/gatt-database.c:2211 #9 0x6695fd in get_managed_objects_reply gdbus/client.c:1097 #10 0x7fd33efd5391 (/usr/lib/libdbus-1.so.3+0x13391) #11 0x7fd33efd8db0 in dbus_connection_dispatch (/usr/lib/libdbus-1.so.3+0x16db0) #12 0x651ecd in message_dispatch gdbus/mainloop.c:72 #13 0x7fd33f25cc39 in g_main_context_dispatch (/usr/lib/libglib-2.0.so.0+0x49c39) #14 0x7fd33f25cfdf (/usr/lib/libglib-2.0.so.0+0x49fdf) #15 0x7fd33f25d301 in g_main_loop_run (/usr/lib/libglib-2.0.so.0+0x4a301) #16 0x54b7d1 in main src/main.c:687 #17 0x7fd33d90870f in __libc_start_main (/usr/lib/libc.so.6+0x2070f) #18 0x40bba8 in _start (/home/cody/g/bluez/src/bluetoothd+0x40bba8) Address 0x7ffe4e774401 is located in stack of thread T0 at offset 33 in frame #0 0x650ccd in is_base_uuid128 lib/uuid.c:184 This frame has 2 object(s): [32, 33) 'dummy' <== Memory access at offset 33 overflows this variable [96, 98) 'uuid' HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext (longjmp and C++ exceptions *are* supported) SUMMARY: AddressSanitizer: stack-buffer-overflow /build/gcc-multilib/src/gcc-5-20160209/libsanitizer/sanitizer_common/sanitizer_common_interceptors_format.inc:340 scanf_common Shadow bytes around the buggy address: 0x100049ce6830: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100049ce6840: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100049ce6850: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100049ce6860: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100049ce6870: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 =>0x100049ce6880:[01]f4 f4 f4 f2 f2 f2 f2 02 f4 f4 f4 f3 f3 f3 f3 0x100049ce6890: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 0x100049ce68a0: 00 f4 f4 f4 f2 f2 f2 f2 00 00 04 f4 f2 f2 f2 f2 0x100049ce68b0: 00 00 00 00 00 00 00 00 00 f4 f4 f4 f3 f3 f3 f3 0x100049ce68c0: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 0x100049ce68d0: 01 f4 f4 f4 f2 f2 f2 f2 00 00 04 f4 f3 f3 f3 f3 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe ==15036==ABORTING
* lib/uuid: Make bt_uuid_to_string always use the same formatLuiz Augusto von Dentz2015-12-021-33/+22
| | | | | The convention has been to use 128 Bits UUID strings so other types must be converted first.
* lib/uuid: Fix bt_uuid_strcmpLuiz Augusto von Dentz2015-09-061-1/+6
| | | | | | bt_uuid_strcmp shall first convert the strings to bt_uuid_t using bt_string_to_uuid since bt_uuid_to_string can produce different formats depending on the type.
* lib/uuid: Fix bt_uuid_to_leLuiz Augusto von Dentz2015-03-301-1/+2
| | | | | | bt_uuid_to_le is currently broken if the src uuid is type 32 bits since it does the conversion to 128 bits but still uses the original value to swap instead of the coverted one.
* lib/uuid: Fix bt_uuid_to_le for 128 BitsLuiz Augusto von Dentz2015-03-021-3/+3
| | | | | The convention is that 128 Bits are always defined in big endian format therefore the bytes always needs to be swapped.
* lib: Use explicit include for lib/bluetooth.hMarcel Holtmann2015-02-181-0/+1
|
* uuid: Add bt_uuid_to_leLuiz Augusto von Dentz2015-02-161-0/+21
| | | | This adds bt_uuid_to_le and replace the use of put_uuid_le.
* lib/uuid: Simplify BT base UUIDs when possibleMichael Janssen2014-12-101-2/+17
| | | | | | When converting a UUID from string to bt_uuid_t, prefer using the 16-bit version when possible, which should generate shorter sequences by increasing the number of 16-bit types.
* lib: List all enum values in switchSzymon Janc2014-12-081-0/+2
| | | | As described in coding style M10.
* lib: Fix UUID 16/32-bits to 128-bit conversionClaudio Takahasi2014-03-241-16/+18
| | | | | | 16 and 32-bit UUIDs are always created using host order. However, no matter the system type, 128-bit UUID must use big-endian byte order format (similar to human-readble format).
* lib: Remove hton128() from bt_uuid_to_string()Claudio Takahasi2014-03-241-4/+1
| | | | | | | bt_uuid_to_string() helper should get the raw UUID value. Caller should convert the 128-bit UUID before call this helper (if applicable). bt_uuid_t stores 128-bit UUID using big-endian format (human-readable format), swapping byte order is not necessary.
* lib: Remove ntoh128() from bt_string_to_uuid128()Claudio Takahasi2014-03-241-4/+2
| | | | | | | No matter the system, 128-bit UUIDs should not be converted to any byte order when creating the UUID. Conversion to big/little endian should be performed when transfering the data over-the-air only. bt_uuid_t should handle 128-bit UUID on big-endian format (human-readable format).
* Revert "Ensure config.h is included by using CPPFLAGS"Johan Hedberg2012-12-071-0/+4
| | | | | | | | | | | | | | This reverts commit 8a03376544b046a84301847d1594f6c3674983ff. The patch needs to be split up and the gdbus/ changes were bogus compared to the original commit message. Conflicts: Makefile.am Makefile.obexd profiles/cyclingspeed/cyclingspeed.c profiles/heartrate/heartrate.c src/error.c
* Ensure config.h is included by using CPPFLAGSLucas De Marchi2012-12-051-4/+0
| | | | | | | | | | Instead of trying to include config.h in each file over the tree and possibly forgetting to include it, give a "-include config.h" argument to the compiler so it's guaranteed that a) it will be included for all source files and b) it will be the first header included. gdbus/ directory is left out, since it would break other projects using it.
* uuid: Add string-format UUID comparison helper functionJohan Hedberg2012-09-031-0/+5
|
* Refactor value assignments of bt_uuid_t variablesAnderson Lizardo2011-09-221-1/+1
| | | | | | | | | Prior to this commit, the assignments were made with memcpy(). This can be unsafe and less readable, therefore it was replaced with code like: <dst> = *src; This also allows more compiler safety checks.
* Add more functions for new UUID handlingElvis Pfützenreuter2011-03-151-0/+145
| | | | | | This patch adds more functions that are necessary to handle the new bt_uuid_t type, and moves basic things like byte-swapping functions and uint128_t type to bluetooth.h.
* Add new UUID utility functionsClaudio Takahasi2011-03-151-0/+128
New UUID functions will store the UUIDs values on host order. Added functions to create, compare and convert UUIDs.
View Lorry Controller Status