From: Ossama Othman Date: Fri, 7 Aug 2015 18:49:47 +0000 (-0700) Subject: Fixed seg fault when filtering Linux BLE devices. X-Git-Tag: 1.2.0+RC1~1244 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=b5bff4ab94d365d2bf48eef743a1335b93cd37cd;p=platform%2Fupstream%2Fiotivity.git Fixed seg fault when filtering Linux BLE devices. The loop used to filter Linux BLE devices by UUID iterated through a zero-terminated array, and used the zero terminator as the stopping condition. However, it neglected to dereference the iterator to check for the zero terminator, and incorrectly checked the iterator itself. That resulted in the loop body dereferencing and using the last element, the zero terminator, in a strcasecmp() call, and ultimately seg faulting. Rather than depend on the zero-terminator, obtain the length of the array and use it to determine the end iterator beforehand. Change-Id: Idecee74d19ebe01a812ecf17365f39be9ae1f7fe Signed-off-by: Ossama Othman Reviewed-on: https://gerrit.iotivity.org/gerrit/2142 Tested-by: jenkins-iotivity Reviewed-by: Erich Keane --- diff --git a/resource/csdk/connectivity/src/bt_le_adapter/linux/caleinterface.c b/resource/csdk/connectivity/src/bt_le_adapter/linux/caleinterface.c index 73703e0..0ed2715 100644 --- a/resource/csdk/connectivity/src/bt_le_adapter/linux/caleinterface.c +++ b/resource/csdk/connectivity/src/bt_le_adapter/linux/caleinterface.c @@ -649,7 +649,8 @@ static bool CALEDeviceFilter(GDBusProxy * device) return accepted; } - char const ** const UUIDs = g_variant_get_strv(prop, NULL); + gsize length = 0; + char const ** const UUIDs = g_variant_get_strv(prop, &length); /** * @note It would have been nice to use @c g_strv_contains() here, @@ -658,7 +659,8 @@ static bool CALEDeviceFilter(GDBusProxy * device) * Just run the loop manually, and use @c strcasecmp() * instead. */ - for (char const * const * u = UUIDs; u != NULL; ++u) + char const * const * const end = UUIDs + length; + for (char const * const * u = UUIDs; u != end; ++u) { if (strcasecmp(*u, CA_GATT_SERVICE_UUID) == 0) {