mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
36 lines
1.0 KiB
Diff
36 lines
1.0 KiB
Diff
|
From 1b97ac8d26a07231e48bfa90ea653d8cd8104428 Mon Sep 17 00:00:00 2001
|
||
|
|
From: balakrishna <quic_kunthumu@quicinc.com>
|
||
|
|
Date: Tue, 7 Mar 2023 16:53:46 +0530
|
||
|
|
Subject: [PATCH] BT: Fixing the rfc_slot_id overflow
|
||
|
|
|
||
|
|
Root cause:
|
||
|
|
overflow causing leak in slot fds.
|
||
|
|
As slot id 0 not valid, we are not able to release these fds later.
|
||
|
|
|
||
|
|
Fix:
|
||
|
|
Changes are made to avoid overflow while allocate rfc slots.
|
||
|
|
|
||
|
|
CRs-Fixed: 3417458
|
||
|
|
Change-Id: I5d7efa34bfb97a6dd8e9d68615d29120a0ae51f0
|
||
|
|
---
|
||
|
|
btif/src/btif_sock_rfc.cc | 6 +++++-
|
||
|
|
1 file changed, 5 insertions(+), 1 deletion(-)
|
||
|
|
|
||
|
|
diff --git a/btif/src/btif_sock_rfc.cc b/btif/src/btif_sock_rfc.cc
|
||
|
|
index 0403c588a..b56fbe12b 100644
|
||
|
|
--- a/btif/src/btif_sock_rfc.cc
|
||
|
|
+++ b/btif/src/btif_sock_rfc.cc
|
||
|
|
@@ -215,7 +215,11 @@ static rfc_slot_t* alloc_rfc_slot(const RawAddress* addr, const char* name,
|
||
|
|
}
|
||
|
|
|
||
|
|
// Increment slot id and make sure we don't use id=0.
|
||
|
|
- if (++rfc_slot_id == 0) rfc_slot_id = 1;
|
||
|
|
+ if (UINT32_MAX == rfc_slot_id) {
|
||
|
|
+ rfc_slot_id = 1;
|
||
|
|
+ } else {
|
||
|
|
+ ++rfc_slot_id;
|
||
|
|
+ }
|
||
|
|
|
||
|
|
slot->fd = fds[0];
|
||
|
|
slot->app_fd = fds[1];
|