commit | 2adfc465f1878d60f3efe87c5e36e0c832dbb780 | |
---|---|---|
author | Brian Delwiche <delwiche@google.com> | Thu Jun 01 23:57:58 2023 +0000 |
committer | Fairphone ODM <fairphone-odm@localhost> | Thu Aug 31 16:35:24 2023 +0800 |
tree | 448ee5b569a54e0c22252341d7c27ae68e09e2f4 | |
parent | a0672b236e21a6201300311296d7590c570316d7 | |
Fix UAF in gatt_cl.cc

gatt_cl.cc accesses a header field after the buffer holding it may have been freed. Track the relevant state as a local variable instead.

Bug: 274617156
Test: atest: bluetooth, validated against fuzzer
Tag: #security
Ignore-AOSP-First: Security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d7a7f7f3311202065de4b2c17b49994053dd1244)
Merged-In: I085ecfa1a9ba098ecbfecbd3cb3e263ae13f9724
Change-Id: I085ecfa1a9ba098ecbfecbd3cb3e263ae13f9724
(cherry picked from commit 71c6abafc9f679c61d38c09cc7dc9a3d7c952a99)
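The bug class named in the commit message, shown as an added illustration that is not the gatt_cl.cc change or any AOSP code. Every name here (`MsgBuf`, `buf_alloc`, `buf_free`, `process_response`, `handle_vulnerable`, `handle_fixed`) is hypothetical, and the buffer lives in a static arena that is poisoned on release so the stale read can be observed without undefined behaviour.

```cpp
#include <cstdint>
#include <cstring>

// Constructed model, not AOSP code: a single message buffer in a static
// arena, so "freeing" it is observable instead of being undefined behaviour.
struct MsgBuf {
  uint16_t len;        // header field describing the payload
  uint8_t payload[8];
};

static MsgBuf g_arena;  // one-slot allocator for the demonstration

MsgBuf* buf_alloc(uint16_t len) {
  g_arena.len = len;
  std::memset(g_arena.payload, 0xAB, sizeof(g_arena.payload));
  return &g_arena;
}

// Release the slot and poison it, as a debug allocator would.
void buf_free(MsgBuf* b) {
  b->len = 0xDDDD;
  std::memset(b->payload, 0xDD, sizeof(b->payload));
}

// Hypothetical handler that takes ownership of the buffer and frees it
// on some paths (assumed here: when the response completes an operation).
void process_response(MsgBuf* b, bool completes_operation) {
  if (completes_operation) buf_free(b);
}

// Before: the header field is read after the call that may free the buffer.
uint16_t handle_vulnerable(MsgBuf* b, bool completes_operation) {
  process_response(b, completes_operation);
  return b->len;  // stale read whenever the callee released b
}

// After: copy the field into a local first and never touch b again.
uint16_t handle_fixed(MsgBuf* b, bool completes_operation) {
  const uint16_t len = b->len;
  process_response(b, completes_operation);
  return len;
}

int main() {
  // Exit status 0 when the fixed handler still reports the original length.
  return handle_fixed(buf_alloc(5), true) == 5 ? 0 : 1;
}
```

With a real heap allocator the stale read returns whatever now occupies the freed chunk, which is why such bugs tend to surface only under a fuzzer or a sanitizer build.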
Just build AOSP - Fluoride is there by default.
Instructions for a Debian based distribution:
You'll want to download some pre-requisite packages as well. If you're currently configured for AOSP development, you should have all required packages. Otherwise, you can use the following apt-get list:
```sh
sudo apt-get install repo git-core gnupg flex bison gperf build-essential \
  zip curl zlib1g-dev gcc-multilib g++-multilib \
  x11proto-core-dev libx11-dev lib32z-dev libncurses5 \
  libgl1-mesa-dev libxml2-utils xsltproc unzip liblz4-tool libssl-dev \
  libc++-dev libevent-dev \
  flatbuffers-compiler libflatbuffers1 \
  openssl openssl-dev
```
You will also need a recent-ish version of Rust and Cargo. Please follow the instructions on Rustup to install a recent version.
```sh
mkdir ~/fluoride
cd ~/fluoride
git clone https://android.googlesource.com/platform/system/bt
```

Install dependencies (requires sudo access). This adds some Ubuntu dependencies and also installs GN (which is the build tool we're using).

```sh
cd ~/fluoride/bt
build/install_deps.sh
```
The following third-party dependencies are necessary but currently unavailable via a package manager. You may have to build these from source and install them to your local environment.
We provide a script to produce Debian packages for those components. Please follow the instructions in build/dpkg/README.txt.
The googletest packages provided by Debian/Ubuntu (libgmock-dev and libgtest-dev) do not provide pkg-config files, so you can build your own googletest using the steps below:
```sh
$ git clone https://github.com/google/googletest.git -b release-1.10.0
$ cd googletest        # Main directory of the cloned repository.
$ mkdir build          # Create a directory to hold the build output.
$ cd build
$ cmake .. -DCMAKE_INSTALL_PREFIX=/usr  # Generate native build scripts for GoogleTest.
$ sudo make install    # Install under the prefix given to cmake.
```
For host build, we depend on a few other repositories:
Clone these all somewhere and create your staging environment.
```sh
export STAGING_DIR=path/to/your/staging/dir
mkdir ${STAGING_DIR}
mkdir -p ${STAGING_DIR}/external
ln -s $(readlink -f ${PLATFORM2_DIR}/common-mk) ${STAGING_DIR}/common-mk
ln -s $(readlink -f ${PLATFORM2_DIR}/.gn) ${STAGING_DIR}/.gn
ln -s $(readlink -f ${RUST_CRATE_DIR}) ${STAGING_DIR}/external/rust
ln -s $(readlink -f ${PROTO_LOG_DIR}) ${STAGING_DIR}/external/proto_logging
```
We provide a build script to automate building assuming you've staged your build environment already as above.
```sh
./build.py --output ${OUTPUT_DIR} --platform-dir ${STAGING_DIR} --clang
```
This will build all targets to the output directory you've given. You can also build each stage separately (if you want to iterate on something specific):
You can choose to run only a specific stage by passing an arg via `--target`.
Currently, Rust builds are a separate stage that uses Cargo to build. See gd/rust/README.md for more information.
By default on Linux, we statically link libbluetooth so you can just run the binary directly:
```sh
cd ~/fluoride/bt/out/Default
./bluetoothtbd -create-ipc-socket=fluoride
```