Hi,

There seems to be a bug in OBEX_SetCustomData:

==9876== Invalid write of size 4
==9876==    at 0x416DBCC: custom_set_data (in /usr/lib/libopenobex.so.2.0.0)
==9876==    by 0x4168DE7: OBEX_SetCustomData (in /usr/lib/libopenobex.so.2.0.0)
==9876==    by 0x804E514: gw_obex_setup_fd (gw-obex.c:346)
==9876==    by 0x8054450: rfcomm_callback (session.c:235)
==9876==    by 0x8058902: connect_cb (btio.c:163)
==9876==    by 0x40BEEFA: ??? (in /lib/libglib-2.0.so.0.2400.1)
==9876==    by 0x407A5E4: g_main_context_dispatch (in /lib/libglib-2.0.so.0.2400.1)
==9876==    by 0x407E2D7: ??? (in /lib/libglib-2.0.so.0.2400.1)
==9876==    by 0x407E816: g_main_loop_run (in /lib/libglib-2.0.so.0.2400.1)
==9876==    by 0x8052988: main (main.c:625)
==9876==  Address 0x18 is not stack'd, malloc'd or (recently) free'd
==9876==
==9876==
==9876== Process terminating with default action of signal 11 (SIGSEGV)
==9876==  Access not within mapped region at address 0x18
==9876==    at 0x416DBCC: custom_set_data (in /usr/lib/libopenobex.so.2.0.0)
==9876==    by 0x4168DE7: OBEX_SetCustomData (in /usr/lib/libopenobex.so.2.0.0)
==9876==    by 0x804E514: gw_obex_setup_fd (gw-obex.c:346)
==9876==    by 0x8054450: rfcomm_callback (session.c:235)
==9876==    by 0x8058902: connect_cb (btio.c:163)
==9876==    by 0x40BEEFA: ??? (in /lib/libglib-2.0.so.0.2400.1)
==9876==    by 0x407A5E4: g_main_context_dispatch (in /lib/libglib-2.0.so.0.2400.1)
==9876==    by 0x407E2D7: ??? (in /lib/libglib-2.0.so.0.2400.1)
==9876==    by 0x407E816: g_main_loop_run (in /lib/libglib-2.0.so.0.2400.1)
==9876==    by 0x8052988: main (main.c:625)

I took a look, and basically all transports that don't have an
ops->init, like OBEX_TRANS_FD, or that don't init trans->data, will
most likely crash on custom_set_data. This was caused because
gwobex is apparently misusing OBEX_SetCustomData when in fact it is using
the FD transport type, but openobex should not crash either, so I guess we
need a check for that.

-- 
Luiz Augusto von Dentz
Computer Engineer
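
The failure mode reported above, as an added example that is not part of the original message and is not openobex code: a transport with no init hook leaves its private data pointer NULL, and a guarded setter returns an error instead of writing through it. Only the name custom_set_data comes from the report; the struct layouts, transport_setup, custom_init, custom_ops and fd_ops are hypothetical simplifications.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical, simplified model; not openobex's real definitions. */
struct custom_data { void *userdata; };

struct transport;
struct transport_ops {
    int (*init)(struct transport *t);   /* NULL for an FD-style transport */
};
struct transport {
    const struct transport_ops *ops;
    void *data;                          /* allocated only by ops->init */
};

int custom_init(struct transport *t)
{
    t->data = calloc(1, sizeof(struct custom_data));
    return t->data ? 0 : -1;
}

const struct transport_ops custom_ops = { custom_init };
const struct transport_ops fd_ops = { NULL };

int transport_setup(struct transport *t, const struct transport_ops *ops)
{
    t->ops = ops;
    t->data = NULL;                      /* stays NULL when there is no init */
    return ops->init ? ops->init(t) : 0;
}

/* Guarded setter: returns -1 instead of writing through a NULL t->data. */
int custom_set_data(struct transport *t, void *userdata)
{
    struct custom_data *d = t ? t->data : NULL;
    if (d == NULL)
        return -1;
    d->userdata = userdata;
    return 0;
}

int main(void)
{
    struct transport fd, custom;
    int cookie = 42;                     /* constructed sample value */
    transport_setup(&fd, &fd_ops);
    transport_setup(&custom, &custom_ops);
    printf("fd transport:     %d\n", custom_set_data(&fd, &cookie));
    printf("custom transport: %d\n", custom_set_data(&custom, &cookie));
    free(custom.data);
    return 0;
}
```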
