diff options
author | Daniel Wagner <wagi@monom.org> | 2014-03-20 21:45:44 +0400 |
---|---|---|
committer | Zhang zhengguang <zhengguang.zhang@intel.com> | 2014-03-26 14:56:57 +0800 |
commit | 67ae0de7d88ad99fb6e9ae8e01e05d729cf316a9 (patch) | |
tree | 619905e2847c5c564b228bb2189cfe78c360610f | |
parent | e80ce9f12796a5b2a72344e75c346ab2517896e7 (diff) | |
download | connman-67ae0de7d88ad99fb6e9ae8e01e05d729cf316a9.tar.gz connman-67ae0de7d88ad99fb6e9ae8e01e05d729cf316a9.tar.bz2 connman-67ae0de7d88ad99fb6e9ae8e01e05d729cf316a9.zip |
Upstream/bluetooth: Do not derefernce NULL pointer
When hypernating following can happen:
systemd[1]: Service bluetooth.target is not needed anymore. Stopping.
systemd[1]: Stopping Bluetooth.
systemd[1]: Stopped target Bluetooth.
systemd-sleep[10271]: System resumed.
systemd[1]: Starting Bluetooth.
systemd[1]: Reached target Bluetooth.
ConnMan receives the D-Bus messages that the Network objects are gone
(during the resume phase):
connmand[13571]: plugins/bluetooth.c:object_removed() org.bluez.Network1 /org/bluez/hci0/dev_98_0D_2E_54_B7_50
connmand[13571]: plugins/bluetooth.c:pan_remove_nap() network 0xccfe30 pan 0xccfd50
This sequence sets pan->network to NULL. Then the we get the D-Bus
message that the device have gone too:
connmand[13571]: Aborting (signal 11) [/usr/sbin/connmand]
connmand[13571]: ++++++++ backtrace ++++++++
connmand[13571]: #0 0x3bbec35cb0 in /lib64/libc.so.6
connmand[13571]: #1 0x44b4be in connman_network_get_device() at ome/wagi/src/connman/src/network.c:2052
connmand[13571]: #2 0x4301e3 in device_disable_cb() at ome/wagi/src/connman/plugins/bluetooth.c:554
connmand[13571]: #3 0x4a3709 in set_property_reply() at ome/wagi/src/connman/gdbus/client.c:657
connmand[13571]: #4 0x3bca40cad2 in /lib64/libdbus-1.so.3
connmand[13571]: #5 0x3bca40fdc1 in /lib64/libdbus-1.so.3
connmand[13571]: #6 0x49ce5f in message_dispatch() at ome/wagi/src/connman/gdbus/mainloop.c:72 (discriminator 1)
connmand[13571]: #7 0x3bc0c492a6 in /lib64/libglib-2.0.so.0
connmand[13571]: #8 0x3bc0c49628 in /lib64/libglib-2.0.so.0
connmand[13571]: #9 0x3bc0c49a3a in /lib64/libglib-2.0.so.0
connmand[13571]: #10 0x4435a2 in main() at ome/wagi/src/connman/src/main.c:695
connmand[13571]: #11 0x3bbec21d65 in /lib64/libc.so.6
connmand[13571]: +++++++++++++++++++++++++++
device_disable_cb() blindly passes a NULL pointer to
connman_network_get_device().
Upstream CommitID: 1a8bb0ea8cbfd4b77fe7ef1a4bb2fc174468aedf
Change-Id: Ia4128e1e90d5ec61e76867cbe28ce1579fd2650f
-rw-r--r-- | plugins/bluetooth.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/plugins/bluetooth.c b/plugins/bluetooth.c index 8bbf2ad1..a3946595 100644 --- a/plugins/bluetooth.c +++ b/plugins/bluetooth.c @@ -543,7 +543,7 @@ static void device_disable_cb(const DBusError *error, void *user_data) while (g_hash_table_iter_next(&iter, &key, &value) == TRUE) { struct bluetooth_pan *pan = value; - if (connman_network_get_device(pan->network) == device) { + if (pan->network && connman_network_get_device(pan->network) == device) { DBG("disable network %p", pan->network); connman_device_remove_network(device, pan->network); } |