Parent: 05efcccdcc5e7fae85eca1a9720b38664996c930
Author: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Committer: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Date: 2024-02-02 17:10:43
Tree: bf93e2bbb752bf5dad719a45f23007c8ae49c7e6
btdev: Fix crash on BIG Sync Terminate command

When receiving BIG Sync Terminate command the following crash could be
observed:

Invalid read of size 8
   at 0x15FC9F: cmd_big_term_sync (btdev.c:6417)
   by 0x15D19D: run_cmd (btdev.c:7269)
   by 0x16E7DF: process_cmd (btdev.c:7425)
   by 0x16E7DF: btdev_receive_h4 (btdev.c:7516)
   by 0x143AB9: vhci_read_callback (vhci.c:77)
   by 0x185AAE: io_callback (io-mainloop.c:110)
   by 0x187158: mainloop_run (mainloop.c:106)
   by 0x188357: mainloop_run_with_signal (mainloop-notify.c:188)
   by 0x4EA6B89: (below main) (in /usr/lib64/libc.so.6)
 Address 0x53cf678 is 8 bytes inside a block of size 16 free'd
   at 0x4845B2C: free (vg_replace_malloc.c:985)
   by 0x17E0FE: queue_remove (queue.c:256)
   by 0x1497F0: conn_remove (btdev.c:537)
   by 0x15FC8A: cmd_big_term_sync (btdev.c:6427)
   by 0x15D19D: run_cmd (btdev.c:7269)
   by 0x16E7DF: process_cmd (btdev.c:7425)
   by 0x16E7DF: btdev_receive_h4 (btdev.c:7516)
   by 0x143AB9: vhci_read_callback (vhci.c:77)
   by 0x185AAE: io_callback (io-mainloop.c:110)
   by 0x187158: mainloop_run (mainloop.c:106)
   by 0x188357: mainloop_run_with_signal (mainloop-notify.c:188)
   by 0x4EA6B89: (below main) (in /usr/lib64/libc.so.6)

Diffstat
M emulator/btdev.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)