diff --git a/.bluez.metadata b/.bluez.metadata index 714af10..06ab444 100644 --- a/.bluez.metadata +++ b/.bluez.metadata @@ -1 +1 @@ -4d8fb1328e15df4021329d3eb6329b64777badaa SOURCES/bluez-5.64.tar.xz +6c73541f2cd27543b66741d16d520970d8877940 SOURCES/bluez-5.72.tar.xz diff --git a/.gitignore b/.gitignore index 0a9b7df..6333de8 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/bluez-5.64.tar.xz +SOURCES/bluez-5.72.tar.xz diff --git a/SOURCES/0001-Add-missing-mesh-gatt-JSON-files.patch b/SOURCES/0001-Add-missing-mesh-gatt-JSON-files.patch new file mode 100644 index 0000000..27fd678 --- /dev/null +++ b/SOURCES/0001-Add-missing-mesh-gatt-JSON-files.patch @@ -0,0 +1,125 @@ +From 669de134aa19fbd6b7ac59575446a064bbf27565 Mon Sep 17 00:00:00 2001 +From: Bastien Nocera +Date: Wed, 14 Feb 2024 16:51:14 +0100 +Subject: [PATCH] Add missing mesh-gatt JSON files + +--- + tools/mesh-gatt/local_node.json | 61 +++++++++++++++++++++++++++++++++ + tools/mesh-gatt/prov_db.json | 37 ++++++++++++++++++++ + 2 files changed, 98 insertions(+) + create mode 100644 tools/mesh-gatt/local_node.json + create mode 100644 tools/mesh-gatt/prov_db.json + +diff --git a/tools/mesh-gatt/local_node.json b/tools/mesh-gatt/local_node.json +new file mode 100644 +index 000000000000..5ffa7ada1f65 +--- /dev/null ++++ b/tools/mesh-gatt/local_node.json +@@ -0,0 +1,61 @@ ++{ ++ "$schema":"file:\/\/\/BlueZ\/Mesh\/local_schema\/mesh.jsonschema", ++ "meshName":"BT Mesh", ++ "netKeys":[ ++ { ++ "index": 0, ++ "keyRefresh": 0 ++ } ++ ], ++ "appKeys":[ ++ { ++ "index": 0, ++ "boundNetKey": 0 ++ }, ++ { ++ "index": 1, ++ "boundNetKey": 0 ++ } ++ ], ++"node": { ++ "IVindex":"00000005", ++ "IVupdate":"0", ++ "sequenceNumber": 0, ++ "composition": { ++ "cid": "0002", ++ "pid": "0010", ++ "vid": "0001", ++ "crpl": "000a", ++ "features": { ++ "relay": false, ++ "proxy": true, ++ "friend": false, ++ "lowPower": false ++ }, ++ "elements": [ ++ { ++ "elementIndex": 0, ++ "location": "0001", ++ "models": ["0000", "0001", "1001"] ++ } ++ ] ++ }, ++ "configuration":{ ++ "netKeys": [0], ++ "appKeys": [ 0, 1], ++ "defaultTTL": 10, ++ "elements": [ ++ { ++ "elementIndex": 0, ++ "unicastAddress":"0077", ++ "models": [ ++ { ++ "modelId": "1001", ++ "bind": [1] ++ } ++ ] ++ } ++ ] ++ } ++ } ++} +diff --git a/tools/mesh-gatt/prov_db.json b/tools/mesh-gatt/prov_db.json +new file mode 100644 +index 000000000000..74a03128d4d5 +--- /dev/null ++++ b/tools/mesh-gatt/prov_db.json +@@ -0,0 +1,37 @@ ++{ ++ "$schema":"file:\/\/\/BlueZ\/Mesh\/schema\/mesh.jsonschema", ++ "meshName":"BT Mesh", ++ "IVindex":5, ++ "IVupdate":0, ++ "netKeys":[ ++ { ++ "index":0, ++ "keyRefresh":0, ++ "key":"18eed9c2a56add85049ffc3c59ad0e12" ++ } ++ ], ++ "appKeys":[ ++ { ++ "index":0, ++ "boundNetKey":0, ++ "key":"4f68ad85d9f48ac8589df665b6b49b8a" ++ }, ++ { ++ "index":1, ++ "boundNetKey":0, ++ "key":"2aa2a6ded5a0798ceab5787ca3ae39fc" ++ } ++ ], ++ "provisioners":[ ++ { ++ "provisionerName":"BT Mesh Provisioner", ++ "unicastAddress":"0077", ++ "allocatedUnicastRange":[ ++ { ++ "lowAddress":"0100", ++ "highAddress":"7fff" ++ } ++ ] ++ } ++ ], ++} +-- +2.43.0 + diff --git a/SOURCES/0001-client-gatt-Fix-memory-leak-issues.patch b/SOURCES/0001-client-gatt-Fix-memory-leak-issues.patch deleted file mode 100644 index 2b95f56..0000000 --- a/SOURCES/0001-client-gatt-Fix-memory-leak-issues.patch +++ /dev/null @@ -1,66 +0,0 @@ -From b4233bca181580800b483a228ca5377efcfeb844 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:05 +0530 -Subject: [PATCH BlueZ 01/12] client/gatt: Fix memory leak issues - -While performing the static tool analysis using coverity tool -found following reports - -Error: RESOURCE_LEAK (CWE-772): -bluez-5.64/client/gatt.c:1531: leaked_storage: Variable "service" -going out of scope leaks the storage it points to. - -Error: RESOURCE_LEAK (CWE-772): -bluez-5.64/client/gatt.c:2626: leaked_storage: Variable "chrc" -going out of scope leaks the storage it points to. - -Error: RESOURCE_LEAK (CWE-772): -bluez-5.64/client/gatt.c:2906: leaked_storage: Variable "desc" -going out of scope leaks the storage it points to. ---- - client/gatt.c | 12 +++++++++--- - 1 file changed, 9 insertions(+), 3 deletions(-) - -diff --git a/client/gatt.c b/client/gatt.c -index 13872c794..4c1efaf75 100644 ---- a/client/gatt.c -+++ b/client/gatt.c -@@ -1527,8 +1527,10 @@ void gatt_register_service(DBusConnection *conn, GDBusProxy *proxy, - - if (argc > 2) { - service->handle = parse_handle(argv[2]); -- if (!service->handle) -+ if (!service->handle) { -+ service_free(service); - return bt_shell_noninteractive_quit(EXIT_FAILURE); -+ } - } - - if (g_dbus_register_interface(conn, service->path, -@@ -2622,8 +2624,10 @@ void gatt_register_chrc(DBusConnection *conn, GDBusProxy *proxy, - - if (argc > 3) { - chrc->handle = parse_handle(argv[3]); -- if (!chrc->handle) -+ if (!chrc->handle) { -+ chrc_free(chrc); - return bt_shell_noninteractive_quit(EXIT_FAILURE); -+ } - } - - if (g_dbus_register_interface(conn, chrc->path, CHRC_INTERFACE, -@@ -2902,8 +2906,10 @@ void gatt_register_desc(DBusConnection *conn, GDBusProxy *proxy, - - if (argc > 3) { - desc->handle = parse_handle(argv[3]); -- if (!desc->handle) -+ if (!desc->handle) { -+ desc_free(desc); - return bt_shell_noninteractive_quit(EXIT_FAILURE); -+ } - } - - if (g_dbus_register_interface(conn, desc->path, DESC_INTERFACE, --- -2.26.2 - diff --git a/SOURCES/0001-gatt-Fix-double-free-and-freed-memory-dereference.patch b/SOURCES/0001-gatt-Fix-double-free-and-freed-memory-dereference.patch deleted file mode 100644 index 555b77a..0000000 --- a/SOURCES/0001-gatt-Fix-double-free-and-freed-memory-dereference.patch +++ /dev/null @@ -1,41 +0,0 @@ -From f853012bc0142ab6056f3d9ef4abf621b1e8a756 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 24 May 2022 16:45:56 +0530 -Subject: [PATCH BlueZ] gatt: Fix double free and freed memory dereference - -commit 3627eddea13042ffc0848ae37356f30335ce2e4b -Author: Ildar Kamaletdinov -Date: Fri Apr 1 15:16:47 2022 +0300 - - gatt: Fix double free and freed memory dereference - - If device is no longer exists or not paired when notifications send it - is possible to get double free and dereference of already freed memory. - - To avoid this we need to recheck the state of device after sending - notification. - - Found by Linux Verification Center (linuxtesting.org) with the SVACE - static analysis tool. ---- - src/gatt-database.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/gatt-database.c b/src/gatt-database.c -index d6c94058c..d32f616a9 100644 ---- a/src/gatt-database.c -+++ b/src/gatt-database.c -@@ -3877,6 +3877,10 @@ void btd_gatt_database_server_connected(struct btd_gatt_database *database, - - send_notification_to_device(state, state->pending); - -+ state = find_device_state(database, &bdaddr, bdaddr_type); -+ if (!state || !state->pending) -+ return; -+ - free(state->pending->value); - free(state->pending); - state->pending = NULL; --- -2.26.2 - diff --git a/SOURCES/0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch b/SOURCES/0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch index f79d3ad..68f835a 100644 --- a/SOURCES/0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch +++ b/SOURCES/0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch @@ -1,19 +1,29 @@ -From 90b72b787a6ae6b9b0bf8ece238e108e8607a433 Mon Sep 17 00:00:00 2001 +From 873e49357081e5c5d8d3d23759f1723db7292bf6 Mon Sep 17 00:00:00 2001 From: Bastien Nocera -Date: Sat, 9 Nov 2013 18:13:43 +0100 -Subject: [PATCH 1/2] obex: Use GLib helper function to manipulate paths +Date: Mon, 12 Feb 2024 20:02:45 +0000 +Subject: [PATCH] obex: Use GLib helper function to manipulate paths Instead of trying to do it by hand. This also makes sure that relative paths aren't used by the agent. + +[Emil Velikov] +Originally this patch was posted in 2013, but deferred since bluez was +planning to move away from glib. Presently there's no obvious action +towards that goal, so I think we can safely land this. + +As mentioned by the author, current code allows for relative paths and +considering that obexd service runs without meaningful sandboxing and on +some distributions it is ran as root, we should plug the whole before +anyone (ab)uses it. --- - obexd/src/manager.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) + obexd/src/manager.c | 15 +++++---------- + 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/obexd/src/manager.c b/obexd/src/manager.c -index f84384ae4..285c07c37 100644 +index 73fd6b9aff15..cc1de7ae2ed3 100644 --- a/obexd/src/manager.c +++ b/obexd/src/manager.c -@@ -650,14 +650,14 @@ static void agent_reply(DBusPendingCall *call, void *user_data) +@@ -644,18 +644,13 @@ static void agent_reply(DBusPendingCall *call, void *user_data) DBUS_TYPE_STRING, &name, DBUS_TYPE_INVALID)) { /* Splits folder and name */ @@ -22,17 +32,21 @@ index f84384ae4..285c07c37 100644 DBG("Agent replied with %s", name); - if (!slash) { - agent->new_name = g_strdup(name); -+ if (is_relative) { -+ agent->new_name = g_path_get_basename(name); ++ agent->new_name = g_path_get_basename(name); ++ if (is_relative) agent->new_folder = NULL; - } else { -- agent->new_name = g_strdup(slash + 1); +- } else { +- if (strlen(slash) == 1) +- agent->new_name = NULL; +- else +- agent->new_name = g_strdup(slash + 1); - agent->new_folder = g_strndup(name, slash - name); -+ agent->new_name = g_path_get_basename(name); +- } ++ else + agent->new_folder = g_path_get_dirname(name); - } } + dbus_message_unref(reply); -- -2.14.1 +2.43.0 diff --git a/SOURCES/0002-mesh-appkey-Fix-memory-leaks.patch b/SOURCES/0002-mesh-appkey-Fix-memory-leaks.patch deleted file mode 100644 index 42c767b..0000000 --- a/SOURCES/0002-mesh-appkey-Fix-memory-leaks.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 5eb96b3ec8545047a74d7204664267c7aa749070 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:06 +0530 -Subject: [PATCH BlueZ 02/12] mesh/appkey: Fix memory leaks - -While performing the static analysis using the coverity tool found -following memory leak reports - -bluez-5.64/mesh/appkey.c:143: leaked_storage: Variable "key" going -out of scope leaks the storage it points to. - -Error: RESOURCE_LEAK (CWE-772): -bluez-5.64/mesh/appkey.c:146: leaked_storage: Variable "key" going -out of scope leaks the storage it points to. ---- - mesh/appkey.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/mesh/appkey.c b/mesh/appkey.c -index 5088a1812..52fed8c31 100644 ---- a/mesh/appkey.c -+++ b/mesh/appkey.c -@@ -139,11 +139,15 @@ bool appkey_key_init(struct mesh_net *net, uint16_t net_idx, uint16_t app_idx, - key->net_idx = net_idx; - key->app_idx = app_idx; - -- if (key_value && !set_key(key, app_idx, key_value, false)) -+ if (key_value && !set_key(key, app_idx, key_value, false)) { -+ appkey_key_free(key); - return false; -+ } - -- if (new_key_value && !set_key(key, app_idx, new_key_value, true)) -+ if (new_key_value && !set_key(key, app_idx, new_key_value, true)) { -+ appkey_key_free(key); - return false; -+ } - - l_queue_push_tail(app_keys, key); - --- -2.26.2 - diff --git a/SOURCES/0003-monitor-Fix-memory-leaks.patch b/SOURCES/0003-monitor-Fix-memory-leaks.patch deleted file mode 100644 index ed78701..0000000 --- a/SOURCES/0003-monitor-Fix-memory-leaks.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 6f02010ce0043ec2e17eb15f2a1dd42f6c64e223 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:07 +0530 -Subject: [PATCH BlueZ 03/12] monitor: Fix memory leaks - -While performing static tool analysis using coverity -found following reports for resouse leak - -bluez-5.64/monitor/jlink.c:111: leaked_storage: Variable "so" -going out of scope leaks the storage it points to. - -bluez-5.64/monitor/jlink.c:113: leaked_storage: Variable "so" -going out of scope leaks the storage it points to. ---- - monitor/jlink.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/monitor/jlink.c b/monitor/jlink.c -index 9aaa4ebd8..f1d8ce660 100644 ---- a/monitor/jlink.c -+++ b/monitor/jlink.c -@@ -107,9 +107,12 @@ int jlink_init(void) - !jlink.tif_select || !jlink.setspeed || - !jlink.connect || !jlink.getsn || - !jlink.emu_getproductname || -- !jlink.rtterminal_control || !jlink.rtterminal_read) -+ !jlink.rtterminal_control || !jlink.rtterminal_read) { -+ dlclose(so); - return -EIO; -+ } - -+ dlclose(so); - return 0; - } - --- -2.26.2 - diff --git a/SOURCES/0004-sixaxis-Fix-memory-leaks.patch b/SOURCES/0004-sixaxis-Fix-memory-leaks.patch deleted file mode 100644 index b2f358c..0000000 --- a/SOURCES/0004-sixaxis-Fix-memory-leaks.patch +++ /dev/null @@ -1,43 +0,0 @@ -From fc57aa92a4f32f7c0f38198e6d26b529b537a047 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:08 +0530 -Subject: [PATCH BlueZ 04/12] sixaxis: Fix memory leaks - -While performing static tool analysis using coverity -found following reports for resouse leak - -bluez-5.64/plugins/sixaxis.c:425: alloc_arg: -"get_pairing_type_for_device" allocates memory that is -stored into "sysfs_path". - -bluez-5.64/plugins/sixaxis.c:428: leaked_storage: Variable "sysfs_path" -going out of scope leaks the storage it points to. ---- - plugins/sixaxis.c | 9 +++++++-- - 1 file changed, 7 insertions(+), 2 deletions(-) - -diff --git a/plugins/sixaxis.c b/plugins/sixaxis.c -index ddecbcccb..10cf15948 100644 ---- a/plugins/sixaxis.c -+++ b/plugins/sixaxis.c -@@ -424,10 +424,15 @@ static void device_added(struct udev_device *udevice) - - cp = get_pairing_type_for_device(udevice, &bus, &sysfs_path); - if (!cp || (cp->type != CABLE_PAIRING_SIXAXIS && -- cp->type != CABLE_PAIRING_DS4)) -+ cp->type != CABLE_PAIRING_DS4)) { -+ g_free(sysfs_path); - return; -- if (bus != BUS_USB) -+ } -+ -+ if (bus != BUS_USB) { -+ g_free(sysfs_path); - return; -+ } - - info("sixaxis: compatible device connected: %s (%04X:%04X %s)", - cp->name, cp->vid, cp->pid, sysfs_path); --- -2.26.2 - diff --git a/SOURCES/0005-cltest-Fix-leaked_handle.patch b/SOURCES/0005-cltest-Fix-leaked_handle.patch deleted file mode 100644 index c33047e..0000000 --- a/SOURCES/0005-cltest-Fix-leaked_handle.patch +++ /dev/null @@ -1,29 +0,0 @@ -From f4743109f381a4d53b476c5b77c7c68a6aa40b59 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:09 +0530 -Subject: [PATCH BlueZ 05/12] cltest: Fix leaked_handle - -While performing static tool analysis using coverity found -following reports for resouse leak - -bluez-5.64/tools/cltest.c:75: leaked_handle: Handle variable "fd" -going out of scope leaks the handle. ---- - tools/cltest.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/tools/cltest.c b/tools/cltest.c -index 2766fcd23..250c93cc7 100644 ---- a/tools/cltest.c -+++ b/tools/cltest.c -@@ -72,6 +72,7 @@ static bool send_message(const bdaddr_t *src, const bdaddr_t *dst, - return false; - } - -+ close(fd); - return true; - } - --- -2.26.2 - diff --git a/SOURCES/0006-create-image-Fix-leaked_handle.patch b/SOURCES/0006-create-image-Fix-leaked_handle.patch deleted file mode 100644 index 981dfc3..0000000 --- a/SOURCES/0006-create-image-Fix-leaked_handle.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 4ae130455b173650f564d92f7908a7ca4f7b1ee6 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:10 +0530 -Subject: [PATCH BlueZ 06/12] create-image: Fix leaked_handle - -While performing static tool analysis using coverity found following -reports for resouse leak - -bluez-5.64/tools/create-image.c:124: leaked_storage: Variable "map" -going out of scope leaks the storage it points to. ---- - tools/create-image.c | 7 +++---- - 1 file changed, 3 insertions(+), 4 deletions(-) - -diff --git a/tools/create-image.c b/tools/create-image.c -index aba940da7..90cd87315 100644 ---- a/tools/create-image.c -+++ b/tools/create-image.c -@@ -97,12 +97,13 @@ static void write_block(FILE *fp, const char *pathname, unsigned int ino, - - map = mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0); - if (!map || map == MAP_FAILED) { -- close(fd); -- fd = -1; - map = NULL; - st.st_size = 0; - } - -+ close(fd); -+ fd = -1; -+ - done: - fprintf(fp, HDR_FMT, HDR_MAGIC, ino, mode, 0, 0, 1, 0, - (uintmax_t) st.st_size, 0, 0, 0, 0, namelen + 1, 0, name); -@@ -117,9 +118,7 @@ done: - pad = 3 - ((st.st_size + 3) % 4); - for (i = 0; i < pad; i++) - fputc(0, fp); -- - munmap(map, st.st_size); -- close(fd); - } - } - --- -2.26.2 - diff --git a/SOURCES/0007-l2cap-tester-Fix-leaked_handle.patch b/SOURCES/0007-l2cap-tester-Fix-leaked_handle.patch deleted file mode 100644 index c1b9472..0000000 --- a/SOURCES/0007-l2cap-tester-Fix-leaked_handle.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 4334be027ae1ad50193025c90e77a76b64464b53 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:11 +0530 -Subject: [PATCH BlueZ 07/12] l2cap-tester: Fix leaked_handle - -While performing static tool analysis using coverity found following -reports for resouse leak - -bluez-5.64/tools/l2cap-tester.c:1712: leaked_handle: Handle variable -"new_sk" going out of scope leaks the handle. ---- - tools/l2cap-tester.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/tools/l2cap-tester.c b/tools/l2cap-tester.c -index d78b1e29c..3f0464013 100644 ---- a/tools/l2cap-tester.c -+++ b/tools/l2cap-tester.c -@@ -1709,6 +1709,7 @@ static gboolean l2cap_listen_cb(GIOChannel *io, GIOCondition cond, - - if (!check_mtu(data, new_sk)) { - tester_test_failed(); -+ close(new_sk); - return FALSE; - } - --- -2.26.2 - diff --git a/SOURCES/0008-mesh-mesh-db-Fix-resource-leaks.patch b/SOURCES/0008-mesh-mesh-db-Fix-resource-leaks.patch deleted file mode 100644 index 0def877..0000000 --- a/SOURCES/0008-mesh-mesh-db-Fix-resource-leaks.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 35cbfd9660949fca23418bfa32fd51d81ed91208 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:12 +0530 -Subject: [PATCH BlueZ 08/12] mesh/mesh-db: Fix resource leaks - -While performing static tool analysis using coverity found following -reports for resouse leak - -bluez-5.64/tools/mesh/mesh-db.c:2388: leaked_handle: Handle variable -"fd" going out of scope leaks the handle. - -bluez-5.64/tools/mesh/mesh-db.c:2388: leaked_storage: Variable "str" -going out of scope leaks the storage it points to. ---- - tools/mesh/mesh-db.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/tools/mesh/mesh-db.c b/tools/mesh/mesh-db.c -index fa11837df..896ff722c 100644 ---- a/tools/mesh/mesh-db.c -+++ b/tools/mesh/mesh-db.c -@@ -2384,6 +2384,8 @@ bool mesh_db_load(const char *fname) - - sz = read(fd, str, st.st_size); - if (sz != st.st_size) { -+ close(fd); -+ l_free(str); - l_error("Failed to read configuration file %s", fname); - return false; - } --- -2.26.2 - diff --git a/SOURCES/0009-obex-client-Fix-leaked_handle.patch b/SOURCES/0009-obex-client-Fix-leaked_handle.patch deleted file mode 100644 index 1611717..0000000 --- a/SOURCES/0009-obex-client-Fix-leaked_handle.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 39b638526d9a45d54d2d6e3f175fd7eb057ef8f0 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:13 +0530 -Subject: [PATCH BlueZ 09/12] obex-client: Fix leaked_handle - -While performing static tool analysis using coverity found following -reports for resouse leak - -bluez-5.64/tools/obex-client-tool.c:315: leaked_handle: Handle variable -"sk" going out of scope leaks the handle. ---- - tools/obex-client-tool.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/tools/obex-client-tool.c b/tools/obex-client-tool.c -index ab9332896..cb0e41247 100644 ---- a/tools/obex-client-tool.c -+++ b/tools/obex-client-tool.c -@@ -312,6 +312,7 @@ static GIOChannel *unix_connect(GObexTransportType transport) - if (connect(sk, (struct sockaddr *) &addr, sizeof(addr)) < 0) { - err = errno; - g_printerr("connect: %s (%d)\n", strerror(err), err); -+ close(sk); - return NULL; - } - --- -2.26.2 - diff --git a/SOURCES/0010-pbap-Fix-memory-leak.patch b/SOURCES/0010-pbap-Fix-memory-leak.patch deleted file mode 100644 index 6bcceb2..0000000 --- a/SOURCES/0010-pbap-Fix-memory-leak.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 06d3c7429ad6bdf6eef1bcedee327e74a33c40bf Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:15 +0530 -Subject: [PATCH BlueZ 10/12] pbap: Fix memory leak - -Reported by coverity tool as follows: - -bluez-5.64/obexd/client/pbap.c:929: leaked_storage: Variable "apparam" -going out of scope leaks the storage it points to. ---- - obexd/client/pbap.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/obexd/client/pbap.c b/obexd/client/pbap.c -index 1a2bacc9f..1ed8c68ec 100644 ---- a/obexd/client/pbap.c -+++ b/obexd/client/pbap.c -@@ -925,10 +925,11 @@ static DBusMessage *pbap_search(DBusConnection *connection, - return g_dbus_create_error(message, - ERROR_INTERFACE ".InvalidArguments", NULL); - -- if (dbus_message_iter_get_arg_type(&args) != DBUS_TYPE_STRING) -+ if (dbus_message_iter_get_arg_type(&args) != DBUS_TYPE_STRING) { -+ g_obex_apparam_free(apparam); - return g_dbus_create_error(message, - ERROR_INTERFACE ".InvalidArguments", NULL); -- -+ } - dbus_message_iter_get_basic(&args, &value); - dbus_message_iter_next(&args); - --- -2.26.2 - diff --git a/SOURCES/0011-meshctl-Fix-possible-use_after_free.patch b/SOURCES/0011-meshctl-Fix-possible-use_after_free.patch deleted file mode 100644 index 76903b1..0000000 --- a/SOURCES/0011-meshctl-Fix-possible-use_after_free.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 56bda20ce9e3e5c4684b37cffd4527264c2b4c1e Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:16 +0530 -Subject: [PATCH BlueZ 11/12] meshctl: Fix possible use_after_free - -Reported by coverity tool as follows : - -bluez-5.64/tools/meshctl.c:1968: freed_arg: "g_free" frees "mesh_dir". - -bluez-5.64/tools/meshctl.c:2018: double_free: Calling "g_free" frees -pointer "mesh_dir" which has already been freed. ---- - tools/meshctl.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/tools/meshctl.c b/tools/meshctl.c -index 18e20c40d..38ffd35f3 100644 ---- a/tools/meshctl.c -+++ b/tools/meshctl.c -@@ -2015,7 +2015,6 @@ int main(int argc, char *argv[]) - - fail: - bt_shell_cleanup(); -- g_free(mesh_dir); - - return EXIT_FAILURE; - } --- -2.26.2 - diff --git a/SOURCES/0012-mesh-gatt-Fix-use_after_free.patch b/SOURCES/0012-mesh-gatt-Fix-use_after_free.patch deleted file mode 100644 index 234aaea..0000000 --- a/SOURCES/0012-mesh-gatt-Fix-use_after_free.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 5cdaeaefc350ea3c42719284b88406579d032fb6 Mon Sep 17 00:00:00 2001 -From: Gopal Tiwari -Date: Tue, 31 May 2022 13:11:17 +0530 -Subject: [PATCH BlueZ 12/12] mesh-gatt: Fix use_after_free - -Following scenario happens when prov is false and we have double free as -mentioned in the below - -bluez-5.64/tools/mesh-gatt/prov-db.c:847: freed_arg: "g_free" frees -"in_str". - -bluez-5.64/tools/mesh-gatt/prov-db.c:867: double_free: Calling "g_free" -frees pointer "in_str" which has already been freed. ---- - tools/mesh-gatt/prov-db.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/tools/mesh-gatt/prov-db.c b/tools/mesh-gatt/prov-db.c -index 2fb08f799..a5b6997e0 100644 ---- a/tools/mesh-gatt/prov-db.c -+++ b/tools/mesh-gatt/prov-db.c -@@ -859,7 +859,8 @@ bool prov_db_local_set_iv_index(uint32_t iv_index, bool update, bool prov) - - set_local_iv_index(jmain, iv_index, update); - prov_file_write(jmain, false); -- } -+ } else -+ return true; - - res = true; - done: --- -2.26.2 - diff --git a/SPECS/bluez.spec b/SPECS/bluez.spec index c6669b6..50474b6 100644 --- a/SPECS/bluez.spec +++ b/SPECS/bluez.spec @@ -5,7 +5,7 @@ %endif Name: bluez -Version: 5.64 +Version: 5.72 Release: 2%{?dist} Summary: Bluetooth utilities License: GPLv2+ @@ -16,26 +16,8 @@ Source1: bluez.gitignore # https://github.com/hadess/bluez/commits/obex-5.46 Patch1: 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch -# https://github.com/hadess/bluez/commits/systemd-hardening -#Patch10: 0001-build-Always-define-confdir-and-statedir.patch -#Patch11: 0002-systemd-Add-PrivateTmp-and-NoNewPrivileges-options.patch -#Patch12: 0003-systemd-Add-more-filesystem-lockdown.patch -#Patch13: 0004-systemd-More-lockdown.patch -#Patch14: 0005-media-rename-local-function-conflicting-with-pause-2.patch -#Patch15: bluez-avdtp-fix-removing-all-seps-when-loading-from-cache.patch -Patch2: 0001-client-gatt-Fix-memory-leak-issues.patch -Patch3: 0002-mesh-appkey-Fix-memory-leaks.patch -Patch4: 0003-monitor-Fix-memory-leaks.patch -Patch5: 0004-sixaxis-Fix-memory-leaks.patch -Patch6: 0005-cltest-Fix-leaked_handle.patch -Patch7: 0006-create-image-Fix-leaked_handle.patch -Patch8: 0007-l2cap-tester-Fix-leaked_handle.patch -Patch9: 0008-mesh-mesh-db-Fix-resource-leaks.patch -Patch10: 0009-obex-client-Fix-leaked_handle.patch -Patch11: 0010-pbap-Fix-memory-leak.patch -Patch12: 0011-meshctl-Fix-possible-use_after_free.patch -Patch13: 0012-mesh-gatt-Fix-use_after_free.patch -Patch14: 0001-gatt-Fix-double-free-and-freed-memory-dereference.patch +# https://patchwork.kernel.org/project/bluetooth/patch/20240214155019.325715-1-hadess@hadess.net/ +Patch2: 0001-Add-missing-mesh-gatt-JSON-files.patch BuildRequires: dbus-devel >= 1.6 BuildRequires: glib2-devel @@ -53,6 +35,7 @@ BuildRequires: cups-devel BuildRequires: libtool automake autoconf # For man pages BuildRequires: python3-docutils +BuildRequires: python3-pygments Requires: dbus >= 1.6 Requires(post): systemd @@ -162,9 +145,7 @@ Object Exchange daemon for sharing files, contacts etc over bluetooth %build autoreconf -vif %configure --enable-tools --enable-library --disable-optimization \ -%if %{with deprecated} --enable-deprecated \ -%endif --enable-sixaxis --enable-cups --enable-nfc --enable-mesh \ --enable-hid2hci --enable-testing \ --with-systemdsystemunitdir=%{_unitdir} \ @@ -179,6 +160,10 @@ autoreconf -vif # "make install" fails to install gatttool, necessary for Bluetooth Low Energy # Red Hat Bugzilla bug #1141909, Debian bug #720486 install -m0755 attrib/gatttool $RPM_BUILD_ROOT%{_bindir} +%else +for i in ciptool gatttool hciattach hciconfig hcidump hcitool rfcomm sdptool ; do \ + rm -f $RPM_BUILD_ROOT%{_bindir}/$i $RPM_BUILD_ROOT%{_mandir}/man1/$i*.1* ; \ +done %endif # "make install" fails to install avinfo @@ -249,7 +234,6 @@ install emulator/btvirt ${RPM_BUILD_ROOT}/%{_libexecdir}/bluetooth/ %doc AUTHORS ChangeLog %dir %{_sysconfdir}/bluetooth %config %{_sysconfdir}/bluetooth/main.conf -%config %{_sysconfdir}/dbus-1/system.d/bluetooth.conf %{_bindir}/avinfo %{_bindir}/bluemoon %{_bindir}/bluetoothctl @@ -258,19 +242,20 @@ install emulator/btvirt ${RPM_BUILD_ROOT}/%{_libexecdir}/bluetooth/ %{_bindir}/btmon %{_bindir}/hex2hcd %{_bindir}/l2ping -%{_bindir}/l2test %{_bindir}/mpris-proxy -%{_bindir}/rctest +%{_mandir}/man1/bluetoothctl.1.* +%{_mandir}/man1/bluetoothctl-*.1.* %{_mandir}/man1/btattach.1.* +%{_mandir}/man1/btmgmt.1.* %{_mandir}/man1/btmon.1.* %{_mandir}/man1/l2ping.1.* -%{_mandir}/man1/rctest.1.* %{_mandir}/man8/bluetoothd.8.* %dir %{_libexecdir}/bluetooth %{_libexecdir}/bluetooth/bluetoothd %{_libdir}/bluetooth/ %{_localstatedir}/lib/bluetooth %{_datadir}/dbus-1/system-services/org.bluez.service +%{_datadir}/dbus-1/system.d/bluetooth.conf %{_unitdir}/bluetooth.service %{_datadir}/zsh/site-functions/_bluetoothctl @@ -300,8 +285,14 @@ install emulator/btvirt ${RPM_BUILD_ROOT}/%{_libexecdir}/bluetooth/ %files libs-devel %doc doc/*txt +%{_bindir}/isotest +%{_bindir}/l2test +%{_bindir}/rctest %{_libdir}/libbluetooth.so %{_includedir}/bluetooth +%{_mandir}/man1/isotest.1.* +%{_mandir}/man1/rctest.1.* +%{_mandir}/man5/org.bluez.*.5.* %{_libdir}/pkgconfig/bluez.pc %dir %{_libexecdir}/bluetooth %{_libexecdir}/bluetooth/btvirt @@ -317,11 +308,11 @@ install emulator/btvirt ${RPM_BUILD_ROOT}/%{_libexecdir}/bluetooth/ %files mesh %doc tools/mesh-gatt/*.json %config %{_sysconfdir}/bluetooth/mesh-main.conf -%config %{_sysconfdir}/dbus-1/system.d/bluetooth-mesh.conf %{_bindir}/meshctl %{_bindir}/mesh-cfgclient %{_bindir}/mesh-cfgtest %{_datadir}/dbus-1/system-services/org.bluez.mesh.service +%{_datadir}/dbus-1/system.d/bluetooth-mesh.conf %{_libexecdir}/bluetooth/bluetooth-meshd %{_unitdir}/bluetooth-mesh.service %{_localstatedir}/lib/bluetooth/mesh @@ -333,13 +324,19 @@ install emulator/btvirt ${RPM_BUILD_ROOT}/%{_libexecdir}/bluetooth/ %{_userunitdir}/obex.service %changelog +* Mon Jul 15 2024 David Marlin - 5.72-2 +- Bump release to rebuild for RHEL-9.5 + +* Thu Feb 15 2024 Bastien Nocera - 5.72-1 +- Update to 5.72 + * Thu Jun 9 2022 Gopal Tiwari - 5.64-2 - Coverity fixes for bluez. * Thu May 5 2022 Gopal Tiwari - 5.64-1 - Update to 5.64 -* Fri Dec 16 2021 Gopal Tiwari - 5.56-8 +* Thu Dec 16 2021 Gopal Tiwari - 5.56-8 - Fixing Gating and version Related: rhbz#2027435