CVS commit: src/sys/netbt

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/sys/netbt
From: "Iain Hibbert" <plunky%netbsd.org@localhost>
Date: Tue, 21 Aug 2018 14:59:13 +0000

Module Name:    src
Committed By:   plunky
Date:           Tue Aug 21 14:59:13 UTC 2018

Modified Files:
        src/sys/netbt: hci_event.c l2cap_signal.c

Log Message:
Result of audit to check that mbuf length is checked before m_copydata()
and that any data supposedly copied out is valid before use.

prompted by maxv@, I have checked every usage of m_copydata() and made
the following corrections

hci_event.c:
        hci_event_command_compl()
                check that the packet does contain enough data for there to
                be a status code before noting possible failures.

        hci_event_num_compl_pkts()
                check that the packet does contain data to cover the
                stated number of handle/num pairs

l2cap_signal.c:
        l2cap_recv_signal()
                just ignore packets with not enough data rather than
                trying to reject them (may not have cmd.ident)

        l2cap_recv_command_rej()
                check we have a valid reason and/or data before use


To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 src/sys/netbt/hci_event.c
cvs rdiff -u -r1.18 -r1.19 src/sys/netbt/l2cap_signal.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sys/arch/arm/sunxi
Next by Date: CVS commit: src/external/gpl2/xcvs/dist/src
Previous by Thread: CVS commit: src/sys/arch/arm/sunxi
Next by Thread: CVS commit: src/external/gpl2/xcvs/dist/src
Indexes:

Home | Main Index | Thread Index | Old Index