blob: 4ca60f99d568d2b8326c27327df1cffd479a7a9f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
From b808b2852a0b48c6f9dbb038f932613cea3126c2 Mon Sep 17 00:00:00 2001
From: Hitendra Prajapati <hprajapati@mvista.com>
Date: Thu, 27 Oct 2022 09:51:27 +0530
Subject: [PATCH] CVE-2022-3637
Upstream-Status: Backport [https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/monitor/jlink.c?id=1d6cfb8e625a944010956714c1802bc1e1fc6c4f]
CVE: CVE-2022-3637
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
monitor: Fix crash when using RTT backend
This fix regression introduced by "monitor: Fix memory leaks".
J-Link shared library is in use if jlink_init() returns 0 and thus
handle shall not be closed.
---
monitor/jlink.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/monitor/jlink.c b/monitor/jlink.c
index afa9d93..5bd4aed 100644
--- a/monitor/jlink.c
+++ b/monitor/jlink.c
@@ -120,9 +120,12 @@ int jlink_init(void)
!jlink.tif_select || !jlink.setspeed ||
!jlink.connect || !jlink.getsn ||
!jlink.emu_getproductname ||
- !jlink.rtterminal_control || !jlink.rtterminal_read)
+ !jlink.rtterminal_control || !jlink.rtterminal_read) {
+ dlclose(so);
return -EIO;
+ }
+ /* don't dlclose(so) here cause symbols from it are in use now */
return 0;
}
--
2.25.1
|