You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by ma...@apache.org on 2017/03/06 21:19:19 UTC
[43/50] incubator-mynewt-core git commit: Fix invalid memory accesses
in ble_uuid_cmp
Fix invalid memory accesses in ble_uuid_cmp
When the two uuid values differ in type, one of two things can happen:
1. Access to unallocated or uninitialised memory
2. Unaligned access to 16/32-bit values
Both of these cause crashes, so always make sure we are comparing like types.
Project: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/commit/d50951d0
Tree: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/tree/d50951d0
Diff: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/diff/d50951d0
Branch: refs/heads/master
Commit: d50951d05479ea3e2749068e7f5cab3c635c3412
Parents: 2242bc1
Author: Simon Ratner <si...@probablyprime.net>
Authored: Sat Mar 4 12:02:40 2017 -0800
Committer: Simon Ratner <si...@probablyprime.net>
Committed: Sat Mar 4 12:02:40 2017 -0800
----------------------------------------------------------------------
net/nimble/host/src/ble_uuid.c | 4 ++++
1 file changed, 4 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/d50951d0/net/nimble/host/src/ble_uuid.c
----------------------------------------------------------------------
diff --git a/net/nimble/host/src/ble_uuid.c b/net/nimble/host/src/ble_uuid.c
index 028e227..f9ccc6d 100644
--- a/net/nimble/host/src/ble_uuid.c
+++ b/net/nimble/host/src/ble_uuid.c
@@ -76,6 +76,10 @@ ble_uuid_cmp(const ble_uuid_t *uuid1, const ble_uuid_t *uuid2)
BLE_HS_DBG_ASSERT(verify_uuid(uuid1) == 0);
BLE_HS_DBG_ASSERT(verify_uuid(uuid2) == 0);
+ if (uuid1->type != uuid2->type) {
+ return uuid1->type - uuid2->type;
+ }
+
switch (uuid1->type) {
case BLE_UUID_TYPE_16:
return (int) BLE_UUID16(uuid1)->value - (int) BLE_UUID16(uuid2)->value;