rpm/bluez
SHA256
1
0
Fork 0
forked from pool/bluez
Code Pull Requests Activity

Accepting request 291072 from home:seife:testing

Browse Source 
update to version 5.29

OBS-URL: https://build.opensuse.org/request/show/291072
OBS-URL: https://build.opensuse.org/package/show/Base:System/bluez?expand=0&rev=185
This commit is contained in:
Stefan Seyfried 2015-03-16 18:42:39 +00:00 committed by Git OBS Bridge
parent 76a45066b2
commit 909d229ffb
5 changed files with 144 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

123
20150312-PATCH_BlueZ_shared_gatt-client_Fix_invalid_read-56974.patch Normal file
View File

@ -0,0 +1,123 @@
Betreff: [PATCH BlueZ] shared/gatt-client: Fix invalid read
Von: Luiz Augusto von Dentz <luiz.dentz@gmail.com>
Datum: 12.03.2015 10:05
An: linux-bluetooth@vger.kernel.org
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This fixes the following trace caused by last changes which included
prepare write support but broke cancel_request code:
Invalid read of size 1
at 0x43E726: cancel_request (gatt-client.c:1854)
by 0x447E4F: queue_remove_all (queue.c:387)
by 0x43F19A: bt_gatt_client_cancel_all (gatt-client.c:1866)
by 0x43F250: bt_gatt_client_free (gatt-client.c:1569)
by 0x43F3D0: bt_gatt_client_unref (gatt-client.c:1692)
by 0x43380C: destroy_context (test-gatt.c:284)
by 0x43380C: context_quit (test-gatt.c:312)
by 0x433E77: test_read_cb (test-gatt.c:677)
by 0x43C260: read_cb (gatt-client.c:1924)
by 0x43948B: handle_rsp (att.c:640)
by 0x43948B: can_read_data (att.c:813)
by 0x446DAA: watch_callback (io-glib.c:170)
by 0x4E7E7FA: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.4200.2)
by 0x4E7EB97: ??? (in /usr/lib64/libglib-2.0.so.0.4200.2)
Address 0x57f0908 is 8 bytes inside a block of size 40 free'd
at 0x4C2ACE9: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x43E06F: request_unref (gatt-client.c:160)
by 0x4389C6: cancel_att_send_op (att.c:222)
by 0x4389C6: bt_att_cancel (att.c:1194)
by 0x43E71D: cancel_request (gatt-client.c:1852)
by 0x447E4F: queue_remove_all (queue.c:387)
by 0x43F19A: bt_gatt_client_cancel_all (gatt-client.c:1866)
by 0x43F250: bt_gatt_client_free (gatt-client.c:1569)
by 0x43F3D0: bt_gatt_client_unref (gatt-client.c:1692)
by 0x43380C: destroy_context (test-gatt.c:284)
by 0x43380C: context_quit (test-gatt.c:312)
by 0x433E77: test_read_cb (test-gatt.c:677)
by 0x43C260: read_cb (gatt-client.c:1924)
by 0x43948B: handle_rsp (att.c:640)
by 0x43948B: can_read_data (att.c:813)
---
src/shared/gatt-client.c | 44 ++++++++++++++++----------------------------
1 file changed, 16 insertions(+), 28 deletions(-)
diff --git a/src/shared/gatt-client.c b/src/shared/gatt-client.c
index 5ee753e..1e7032c 100644
--- a/src/shared/gatt-client.c
+++ b/src/shared/gatt-client.c
@@ -1815,47 +1815,34 @@ static bool cancel_prep_write_session(struct bt_gatt_client *client,
req, request_unref);
}
-bool bt_gatt_client_cancel(struct bt_gatt_client *client, unsigned int id)
+static bool cancel_request(void *data)
{
- struct request *req;
-
- if (!client || !id || !client->att)
- return false;
-
- req = queue_remove_if(client->pending_requests, match_req_id,
- UINT_TO_PTR(id));
- if (!req)
- return false;
+ struct request *req = data;
req->removed = true;
- if (!bt_att_cancel(client->att, req->att_id) && !req->long_write &&
- !req->prep_write)
- return false;
-
- /* If this was a long-write, we need to abort all prepared writes */
if (req->long_write)
- return cancel_long_write_req(client, req);
+ return cancel_long_write_req(req->client, req);
if (req->prep_write)
- return cancel_prep_write_session(client, req);
+ return cancel_prep_write_session(req->client, req);
- return true;
+ return bt_att_cancel(req->client->att, req->att_id);
}
-static void cancel_request(void *data)
+bool bt_gatt_client_cancel(struct bt_gatt_client *client, unsigned int id)
{
- struct request *req = data;
-
- req->removed = true;
+ struct request *req;
- bt_att_cancel(req->client->att, req->att_id);
+ if (!client || !id || !client->att)
+ return false;
- if (req->long_write)
- cancel_long_write_req(req->client, req);
+ req = queue_remove_if(client->pending_requests, match_req_id,
+ UINT_TO_PTR(id));
+ if (!req)
+ return false;
- if (req->prep_write)
- cancel_prep_write_session(req->client, req);
+ return cancel_request(req);
}
bool bt_gatt_client_cancel_all(struct bt_gatt_client *client)
@@ -1863,7 +1850,8 @@ bool bt_gatt_client_cancel_all(struct bt_gatt_client *client)
if (!client || !client->att)
return false;
- queue_remove_all(client->pending_requests, NULL, NULL, cancel_request);
+ queue_remove_all(client->pending_requests, NULL, NULL,
+ (queue_destroy_func_t) cancel_request);
if (client->discovery_req) {
bt_gatt_request_cancel(client->discovery_req);
-- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html

3
bluez-5.28.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:85bab48f4b47a158739028682c1e09cf30099c8ea9dfe63360055f8e06fc18a9
size 1553592

3
bluez-5.29.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:df216a6d5ec6133355e5d4ed6b5e7a188a940940d337374e166758513246f0e4
size 1573632

14
bluez.changes
View File

@ -1,3 +1,17 @@
-------------------------------------------------------------------
Thu Mar 12 12:03:30 UTC 2015 - seife+obs@b1-systems.com
- update to version 5.29
This is a comparatively large release with over a month and 475
commits since 5.28. There have been lots of fixes to the Android
side. Our internal GATT library (used both by normal BlueZ as
well as the Android version) received lots of updates for this
release. Other notable changes are a fix for AVCTP key repeat
timeout as well as added support for the Multi Profile
Specification (MPS).
- add patch from bluez-devel for fixing test case failure (will be
included in next bluez release)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Feb 3 10:45:20 UTC 2015 - seife+obs@b1-systems.com Tue Feb 3 10:45:20 UTC 2015 - seife+obs@b1-systems.com

5
bluez.spec
View File

@ -24,7 +24,7 @@ BuildRequires: libcap-ng-devel
BuildRequires: systemd-devel BuildRequires: systemd-devel
BuildRequires: pkgconfig(dbus-1) >= 1.4 BuildRequires: pkgconfig(dbus-1) >= 1.4
%{?systemd_requires} %{?systemd_requires}
Version: 5.28 Version: 5.29
Release: 0 Release: 0
Summary: Bluetooth Stack for Linux Summary: Bluetooth Stack for Linux
License: GPL-2.0+ License: GPL-2.0+
@ -36,6 +36,8 @@ Source7: bluetooth.modprobe
# fix some logitech HID devices, bnc#681049, bnc#850478 --seife+obs@b1-systems.com # fix some logitech HID devices, bnc#681049, bnc#850478 --seife+obs@b1-systems.com
Patch1: bluez-5.11-logitech-hid2hci.patch Patch1: bluez-5.11-logitech-hid2hci.patch
Patch2: bluez-sdp-unix-path.patch Patch2: bluez-sdp-unix-path.patch
# temporary fix untils bluez-5.30 comes along
Patch100: 20150312-PATCH_BlueZ_shared_gatt-client_Fix_invalid_read-56974.patch
BuildRequires: alsa-devel BuildRequires: alsa-devel
BuildRequires: automake BuildRequires: automake
BuildRequires: check-devel BuildRequires: check-devel
@ -111,6 +113,7 @@ BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A.
%setup -q %setup -q
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch100 -p1
mkdir dbus-apis mkdir dbus-apis
cp -a doc/*.txt dbus-apis/ cp -a doc/*.txt dbus-apis/
# FIXME: Change the dbus service to be a real service, not systemd launched # FIXME: Change the dbus service to be a real service, not systemd launched