Projects
Factory:RISC-V:Base
bluez
_service:tar_scm:backport-0004-CVE-2021-0129.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-0004-CVE-2021-0129.patch of Package bluez
From 00da0fb4972cf59e1c075f313da81ea549cb8738 Mon Sep 17 00:00:00 2001 From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Date: Tue, 2 Mar 2021 11:38:33 -0800 Subject: [PATCH] shared/gatt-server: Fix not properly checking for secure flags When passing the mask to check_permissions all valid permissions for the operation must be set including BT_ATT_PERM_SECURE flags. Conflict:NA Reference:https://github.com/bluez/bluez/commit/00da0fb4972cf59e1c075f313da81ea549cb8738 --- src/shared/att-types.h | 8 ++++++++ src/shared/gatt-server.c | 25 +++++++------------------ 2 files changed, 15 insertions(+), 18 deletions(-) diff --git a/src/shared/att-types.h b/src/shared/att-types.h index 7108b4e94a..3adc05d9e3 100644 --- a/src/shared/att-types.h +++ b/src/shared/att-types.h @@ -129,6 +129,14 @@ struct bt_att_pdu_error_rsp { #define BT_ATT_PERM_WRITE_SECURE 0x0200 #define BT_ATT_PERM_SECURE (BT_ATT_PERM_READ_SECURE | \ BT_ATT_PERM_WRITE_SECURE) +#define BT_ATT_PERM_READ_MASK (BT_ATT_PERM_READ | \ + BT_ATT_PERM_READ_AUTHEN | \ + BT_ATT_PERM_READ_ENCRYPT | \ + BT_ATT_PERM_READ_SECURE) +#define BT_ATT_PERM_WRITE_MASK (BT_ATT_PERM_WRITE | \ + BT_ATT_PERM_WRITE_AUTHEN | \ + BT_ATT_PERM_WRITE_ENCRYPT | \ + BT_ATT_PERM_WRITE_SECURE) /* GATT Characteristic Properties Bitfield values */ #define BT_GATT_CHRC_PROP_BROADCAST 0x01 diff --git a/src/shared/gatt-server.c b/src/shared/gatt-server.c index b5f7de7dc3..970c35f94e 100644 --- a/src/shared/gatt-server.c +++ b/src/shared/gatt-server.c @@ -444,9 +444,7 @@ static void process_read_by_type(struct async_read_op *op) return; } - ecode = check_permissions(server, attr, BT_ATT_PERM_READ | - BT_ATT_PERM_READ_AUTHEN | - BT_ATT_PERM_READ_ENCRYPT); + ecode = check_permissions(server, attr, BT_ATT_PERM_READ_MASK); if (ecode) goto error; @@ -811,9 +809,7 @@ static void write_cb(struct bt_att_chan *chan, uint8_t opcode, const void *pdu, (opcode == BT_ATT_OP_WRITE_REQ) ? "Req" : "Cmd", handle); - ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE | - BT_ATT_PERM_WRITE_AUTHEN | - BT_ATT_PERM_WRITE_ENCRYPT); + ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE_MASK); if (ecode) goto error; @@ -913,9 +909,7 @@ static void handle_read_req(struct bt_att_chan *chan, opcode == BT_ATT_OP_READ_BLOB_REQ ? "Blob " : "", handle); - ecode = check_permissions(server, attr, BT_ATT_PERM_READ | - BT_ATT_PERM_READ_AUTHEN | - BT_ATT_PERM_READ_ENCRYPT); + ecode = check_permissions(server, attr, BT_ATT_PERM_READ_MASK); if (ecode) goto error; @@ -1051,9 +1045,8 @@ static void read_multiple_complete_cb(struct gatt_db_attribute *attr, int err, goto error; } - ecode = check_permissions(data->server, next_attr, BT_ATT_PERM_READ | - BT_ATT_PERM_READ_AUTHEN | - BT_ATT_PERM_READ_ENCRYPT); + ecode = check_permissions(data->server, next_attr, + BT_ATT_PERM_READ_MASK); if (ecode) goto error; @@ -1129,9 +1122,7 @@ static void read_multiple_cb(struct bt_att_chan *chan, uint8_t opcode, goto error; } - ecode = check_permissions(data->server, attr, BT_ATT_PERM_READ | - BT_ATT_PERM_READ_AUTHEN | - BT_ATT_PERM_READ_ENCRYPT); + ecode = check_permissions(data->server, attr, BT_ATT_PERM_READ_MASK); if (ecode) goto error; @@ -1308,9 +1299,7 @@ static void prep_write_cb(struct bt_att_chan *chan, uint8_t opcode, util_debug(server->debug_callback, server->debug_data, "Prep Write Req - handle: 0x%04x", handle); - ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE | - BT_ATT_PERM_WRITE_AUTHEN | - BT_ATT_PERM_WRITE_ENCRYPT); + ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE_MASK); if (ecode) goto error;
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2