projects / platform / upstream / bluez.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ab59fb3)
gatt: sanitize input at profile registration
authorAndreas Kemnade <andreas@kemnade.info>
Sat, 26 Feb 2022 10:08:36 +0000 (11:08 +0100)
committerAyush Garg <ayush.garg@samsung.com>
Mon, 15 May 2023 09:25:53 +0000 (14:55 +0530)
Check whether type of UUIDs property of GattProfile1 object
is correct.

Signed-off-by: Manika Shrivastava <manika.sh@samsung.com>
Signed-off-by: Ayush Garg <ayush.garg@samsung.com>
src/gatt-database.c patch | blob | history

diff --git a/src/gatt-database.c b/src/gatt-database.c
index 75ffd57..9b746fc 100644 (file)
--- a/src/gatt-database.c
+++ b/src/gatt-database.c
@@ -4137,6 +4137,11 @@ static struct external_profile *create_profile(struct gatt_app *app,
                goto fail;
        }
 
+       if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY) {
+               DBG("UUIDs wrongly formatted");
+               goto fail;
+       }
+
        dbus_message_iter_recurse(&iter, &array);
 
        while (dbus_message_iter_get_arg_type(&array) == DBUS_TYPE_STRING) {
Domain: Network & Connectivity / Bluetooth;