summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-wireless/bluez/files/bluez-5.58-rfkill.patch')
-rw-r--r--net-wireless/bluez/files/bluez-5.58-rfkill.patch84
1 files changed, 84 insertions, 0 deletions
diff --git a/net-wireless/bluez/files/bluez-5.58-rfkill.patch b/net-wireless/bluez/files/bluez-5.58-rfkill.patch
new file mode 100644
index 00000000000..dd7f2f978e7
--- /dev/null
+++ b/net-wireless/bluez/files/bluez-5.58-rfkill.patch
@@ -0,0 +1,84 @@
+From 382646b490c1c336dd32f9186293616ceb4d808b Mon Sep 17 00:00:00 2001
+From: Benjamin Berg <bberg@redhat.com>
+Date: Mon, 3 May 2021 14:45:00 +0200
+Subject: [PATCH 1/2] rfkill: Fix reading from rfkill socket
+
+The kernel will always send exactly one event, but the size of the
+passed struct will depend on the length of the submitted read() and the
+kernel version. i.e. the interface can be extended and we need to expect
+for a read to be longer than expected if we ask for it.
+
+Fix this by only requesting the needed length and explicitly check the
+length against the V1 version of the structure to make the code a bit
+more future proof in case the internal copy of the struct is updated to
+contain new fields.
+---
+ src/rfkill.c | 24 +++++++++++-------------
+ 1 file changed, 11 insertions(+), 13 deletions(-)
+
+diff --git a/src/rfkill.c b/src/rfkill.c
+index ec9fcdfdd..2099c5ac5 100644
+--- a/src/rfkill.c
++++ b/src/rfkill.c
+@@ -53,12 +53,12 @@ struct rfkill_event {
+ uint8_t soft;
+ uint8_t hard;
+ };
++#define RFKILL_EVENT_SIZE_V1 8
+
+ static gboolean rfkill_event(GIOChannel *chan,
+ GIOCondition cond, gpointer data)
+ {
+- unsigned char buf[32];
+- struct rfkill_event *event = (void *) buf;
++ struct rfkill_event event = { 0 };
+ struct btd_adapter *adapter;
+ char sysname[PATH_MAX];
+ ssize_t len;
+@@ -69,34 +69,32 @@ static gboolean rfkill_event(GIOChannel *chan,
+
+ fd = g_io_channel_unix_get_fd(chan);
+
+- memset(buf, 0, sizeof(buf));
+-
+- len = read(fd, buf, sizeof(buf));
++ len = read(fd, &event, sizeof(event));
+ if (len < 0) {
+ if (errno == EAGAIN)
+ return TRUE;
+ return FALSE;
+ }
+
+- if (len != sizeof(struct rfkill_event))
++ if (len < RFKILL_EVENT_SIZE_V1)
+ return TRUE;
+
+ DBG("RFKILL event idx %u type %u op %u soft %u hard %u",
+- event->idx, event->type, event->op,
+- event->soft, event->hard);
++ event.idx, event.type, event.op,
++ event.soft, event.hard);
+
+- if (event->soft || event->hard)
++ if (event.soft || event.hard)
+ return TRUE;
+
+- if (event->op != RFKILL_OP_CHANGE)
++ if (event.op != RFKILL_OP_CHANGE)
+ return TRUE;
+
+- if (event->type != RFKILL_TYPE_BLUETOOTH &&
+- event->type != RFKILL_TYPE_ALL)
++ if (event.type != RFKILL_TYPE_BLUETOOTH &&
++ event.type != RFKILL_TYPE_ALL)
+ return TRUE;
+
+ snprintf(sysname, sizeof(sysname) - 1,
+- "/sys/class/rfkill/rfkill%u/name", event->idx);
++ "/sys/class/rfkill/rfkill%u/name", event.idx);
+
+ fd = open(sysname, O_RDONLY);
+ if (fd < 0)
+--
+2.31.1
+