Bluetooth: Mesh: Config Client's net_key_status pulls two key indexes, should pull one. #24601

Closed
trond-snekvik opened this issue Apr 22, 2020 · 0 comments · Fixed by #24603
Config client's net_key_status handler uses key_index_unpack to unpack two key indexes from net_key_status, while the message only has one. This triggers access to unused memory, and asserts net buf.
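
The difference between pulling one key index and two, as an added example (not code from the Zephyr tree). It assumes a status message of one status octet followed by a single 2-octet key index, and the 3-octet packing for a pair of 12-bit indexes; `rd_buf`, `rd_pull`, `unpack_one`, `unpack_two` and `parse_net_key_status` are hypothetical names, and the sample bytes in the comments are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical bounds-checked reader standing in for a net_buf (not Zephyr's API). */
struct rd_buf { const uint8_t *data; size_t len; };

/* Consume n octets; NULL when the message is too short. */
static const uint8_t *rd_pull(struct rd_buf *b, size_t n)
{
	const uint8_t *p = b->data;
	if (b->len < n) return NULL;
	b->data += n;
	b->len -= n;
	return p;
}

/* Two 12-bit key indexes packed into 3 octets, e.g. 23 61 45 -> 0x123, 0x456. */
static int unpack_two(struct rd_buf *b, uint16_t *idx1, uint16_t *idx2)
{
	const uint8_t *p = rd_pull(b, 3);
	if (!p) return -1;
	*idx1 = (uint16_t)((p[0] | (p[1] << 8)) & 0xfff);
	*idx2 = (uint16_t)((p[1] | (p[2] << 8)) >> 4);
	return 0;
}

/* One 12-bit key index in 2 octets, upper 4 bits unused, e.g. 23 01 -> 0x123. */
static int unpack_one(struct rd_buf *b, uint16_t *idx)
{
	const uint8_t *p = rd_pull(b, 2);
	if (!p) return -1;
	*idx = (uint16_t)((p[0] | (p[1] << 8)) & 0xfff);
	return 0;
}

/* Parse status octet + key index; two_idx=1 reproduces the over-long pull. */
int parse_net_key_status(const uint8_t *msg, size_t len, int two_idx,
			 uint8_t *status, uint16_t *net_idx)
{
	struct rd_buf b = { msg, len };
	const uint8_t *s = rd_pull(&b, 1);
	uint16_t unused;
	int err;

	if (!s) return -1;
	*status = *s;
	err = two_idx ? unpack_two(&b, net_idx, &unused) : unpack_one(&b, net_idx);
	return (err || b.len != 0) ? -1 : 0; /* also reject trailing octets */
}
```

With a 3-octet message, the two-index path needs one octet more than the message holds, so the length check rejects it; without such a check the read would run past the end of the payload.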

@trond-snekvik trond-snekvik added bug The issue is a bug, or the PR is fixing a bug area: Bluetooth area: Bluetooth Mesh labels Apr 22, 2020
trond-snekvik added a commit to trond-snekvik/zephyr that referenced this issue Apr 22, 2020
Fixes bug where the config client's net_key_status handler would attempt
to pull two key indexes from a message which only holds one.

Fixes zephyrproject-rtos#24601.

Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
jhedberg pushed a commit that referenced this issue Apr 23, 2020
Fixes bug where the config client's net_key_status handler would attempt
to pull two key indexes from a message which only holds one.

Fixes #24601.

Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
trond-snekvik added a commit to trond-snekvik/zephyr that referenced this issue Apr 28, 2020
trond-snekvik added a commit to trond-snekvik/zephyr that referenced this issue Apr 28, 2020
jhedberg pushed a commit that referenced this issue Apr 28, 2020
sandeepbrcm pushed a commit to Broadcom/zephyr that referenced this issue Apr 30, 2020
nashif pushed a commit that referenced this issue Jun 4, 2020
hakehuang pushed a commit to hakehuang/zephyr that referenced this issue Jun 20, 2020
pkral78 pushed a commit to cloudfieldcz/zephyr that referenced this issue Aug 4, 2020