upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-05 06:42:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

bluetooth socket sysinit: correct memset initialization

Browse source 
gcc -Wmemset-elt-size diagnosed this.  The code was only initializing
the first 1/sizeof(long) bytes.  On 64-bit systems, this would mean only
events up to 0x20 were initialized.

This effectively reverses the security policy for some events with
higher ids, now permitting them on unprivileged sockets.  Two that are
defined are NG_HCI_EVENT_LE (0x3e) and NG_HCI_EVENT_BT_LOGO (0xfe).

PR:		280039
Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D45707
This commit is contained in:
Ryan Libby 2024-07-01 08:22:31 -07:00
parent 2abea9df01
commit f8a46de2dd
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
sys/netgraph/bluetooth/socket/ng_btsocket_hci_raw.c
View file

@ -808,8 +808,7 @@ ng_btsocket_hci_raw_init(void *arg __unused)
/* Enable all events */
memset(&ng_btsocket_hci_raw_sec_filter->events, 0xff,
sizeof(ng_btsocket_hci_raw_sec_filter->events)/
sizeof(ng_btsocket_hci_raw_sec_filter->events[0]));
sizeof(ng_btsocket_hci_raw_sec_filter->events));
/* Disable some critical events */
f = ng_btsocket_hci_raw_sec_filter->events;