Google Git
Sign in
android / platform / system / bt / 87b81e5
commit87b81e56be35be05149db7649c5848e8c33de92a[log] [tgz]
authorScott Bauer <sbauer@plzdonthack.me>Thu Apr 06 18:35:40 2017 -0600
committerandroid-build-team Robot <android-build-team-robot@google.com>Fri Nov 03 19:54:53 2017 +0000
tree998d5edf92c97bf55015997205441e08e41f2f83
parent7f5ea9d15519f4c078b76586e14814923af814fd [diff]
Read the correct amount of attributes

bta_gattc_cache_load currently attempts to read 0xFF attributes into an
allocation sized to num_attr attributes, which can be smaller than 0xFF.

There aren't more than num_attr bytes in correct data, but this breaks
with dynamic buffer overflow checking in CopperheadOS for the read
system call since fread ends up calling read, which obtains the size of
the allocation from the malloc implementation and then aborts due to the
(potential) overflow.

This would also fail with the default enabled _FORTIFY_SOURCE=2 feature
in the Android Open Source Project if osi_malloc was marked with the
alloc_size attribute. The way it wraps malloc loses that information so
fortify checks aren't done for calls like this.

Bug: 37160362
Change-Id: I68bd170d5378c9d9d21cbda376083bc0b857e15c
Signed-off-by: Scott Bauer <sbauer@plzdonthack.me>
[migrated to C++ file, added 0xFFFF limit and wrote commit message]
Signed-off-by: Daniel Micay <danielmicay@gmail.com>
(cherry picked from commit 8eb6493ad56ed4fd8310bf96042cc54eb5b450dd)
1 file changed
tree: 998d5edf92c97bf55015997205441e08e41f2f83
  1. audio_a2dp_hw/
  2. bta/
  3. btcore/
  4. btif/
  5. build/
  6. conf/
  7. device/
  8. doc/
  9. embdrv/
  10. hci/
  11. include/
  12. main/
  13. osi/
  14. profile/
  15. service/
  16. stack/
  17. test/
  18. tools/
  19. udrv/
  20. utils/
  21. vendor_libs/
  22. vnd/
  23. .gitignore
  24. .gn
  25. Android.mk
  26. BUILD.gn
  27. CleanSpec.mk
  28. EventLogTags.logtags
  29. MODULE_LICENSE_APACHE2
  30. NOTICE
  31. README.md
README.md

Fluoride Bluetooth stack

Building and running on AOSP

Just build AOSP - Fluoride is there by default.

Building and running on Linux

Instructions for Ubuntu, tested on 15.10 with GCC 5.2.1.

Install required libraries

sudo apt-get install libevent-dev

Install build tools

  • Install ninja build system
sudo apt-get install ninja-build

or download binary from https://github.com/ninja-build/ninja/releases

  • Install gn - meta-build system that generates NinjaBuild files.

Get sha1 of current version from here and then download corresponding executable:

wget -O gn http://storage.googleapis.com/chromium-gn/<gn.sha1>

i.e. if sha1 is “3491f6687bd9f19946035700eb84ce3eed18c5fa” (value from 24 Feb 2016) do

wget -O gn http://storage.googleapis.com/chromium-gn/3491f6687bd9f19946035700eb84ce3eed18c5fa

Then make binary executable and put it on your PATH, i.e.:

chmod a+x ./gn
sudo mv ./gn /usr/bin

Download source

mkdir ~/fluoride
cd ~/fluoride
git clone https://android.googlesource.com/platform/system/bt

Then fetch third party dependencies:

cd ~/fluoride/bt
mkdir third_party
git clone https://github.com/google/googletest.git
git clone https://android.googlesource.com/platform/external/libchrome
git clone https://android.googlesource.com/platform/external/modp_b64
git clone https://android.googlesource.com/platform/external/tinyxml2

And third party dependencies of third party dependencies:

cd fluoride/bt/third_party/libchrome/base/third_party
mkdir valgrind
cd valgrind
curl https://chromium.googlesource.com/chromium/src/base/+/master/third_party/valgrind/valgrind.h?format=TEXT | base64 -d > valgrind.h
curl https://chromium.googlesource.com/chromium/src/base/+/master/third_party/valgrind/memcheck.h?format=TEXT | base64 -d > memcheck.h

Fluoride currently has dependency on some internal Android projects, which also need to be downloaded. This will be removed in future:

cd ~/fluoride
git clone https://android.googlesource.com/platform/system/core
git clone https://android.googlesource.com/platform/hardware/libhardware
git clone https://android.googlesource.com/platform/system/media

Configure your build

We need to configure some paths to make the build successful. Run:

cd ~/fluoride/bt
gn args out/Default

This will prompt you to fill the contents of your “out/Default/args.gn” file. Make it look like below. Replace “/home/job” with path to your home directory, and don't use “~” in build arguments:

# Build arguments go here. Examples:
#   is_component_build = true
#   is_debug = false
# See "gn args <out_dir> --list" for available build arguments.

libhw_include_path = "/home/job/fluoride/libhardware/include"
core_include_path = "/home/job/fluoride/core/include"
audio_include_path = "/home/job/fluoride/media/audio/include"

Then generate your build files by calling

cd ~/fluoride/bt
gn gen out/Default

Build

cd ~/fluoride/bt
ninja -C out/Default all

This will build all targets (the shared library, executables, tests, etc) and put them in out/Default. To build an individual target, replace “all” with the target of your choice, e.g. ninja -C out/Default net_test_osi.

Run

cd ~/fluoride/bt/out/Default
LD_LIBRARY_PATH=./ ./bluetoothtbd -create-ipc-socket=fluoride