commit | d1937cdc9706c6a56b91267aa4afed243e6c64d9 | [log] [tgz] |
---|---|---|
author | Brian Delwiche <delwiche@google.com> | Fri Dec 02 00:41:24 2022 +0000 |
committer | Fairphone ODM <fairphone-odm@localhost> | Tue Mar 14 10:30:53 2023 +0800 |
tree | 07e5ea84b9516238b465e725e51d5e8fe77bfe5c | |
parent | fdcf87f95890611b5ec6986980209dbd415660dd [diff] |
Report failure when not able to connect to AVRCP A crash may occur when creating a bluetooth AVRCP connection to a device. The code fails to check a return value from an AVRCP function being used to index into an array. The return value may exceed the size of the array causing memory outside the bounds of the array to be accessed leading to memory corruption and a crash. The fix is to ensure the return value is within the bounds of the array before accessing the array contents. If the return value is not within the bounds of the array report it as a failure to the bluetooth stack. This change is relevant for android automotive because the IVI (in-vehicle infotainment system) acts as the an AVRCP controller which still executes this code. Note: this is a backport of b/214569798, inducted as a non-security issue. Per b/226927612 it has been found to have security impact and should be backported to earlier branches. Bug: 226927612 Test: Manual - set return value to be out of bounds, verify no crash Tag: #security Ignore-AOSP-First: Security Change-Id: I03f89f894c759b85e555a024435b625397ef7e5c (cherry picked from commit 6a543761f2dc3db0ebf541285a0b3b2afc83a6a6) Merged-In: I03f89f894c759b85e555a024435b625397ef7e5c (cherry picked from commit 38ba507d7501a43d1e51b16870857e6b43bf02f2)
Just build AOSP - Fluoride is there by default.
Instructions for a Debian based distribution:
You'll want to download some pre-requisite packages as well. If you're currently configured for AOSP development, you should have all required packages. Otherwise, you can use the following apt-get list:
sudo apt-get install repo git-core gnupg flex bison gperf build-essential \ zip curl zlib1g-dev gcc-multilib g++-multilib \ x11proto-core-dev libx11-dev lib32z-dev libncurses5 \ libgl1-mesa-dev libxml2-utils xsltproc unzip liblz4-tool libssl-dev \ libc++-dev libevent-dev \ flatbuffers-compiler libflatbuffers1 \ openssl openssl-dev
You will also need a recent-ish version of Rust and Cargo. Please follow the instructions on Rustup to install a recent version.
mkdir ~/fluoride cd ~/fluoride git clone https://android.googlesource.com/platform/system/bt
Install dependencies (require sudo access). This adds some Ubuntu dependencies and also installs GN (which is the build tool we're using).
cd ~/fluoride/bt build/install_deps.sh
The following third-party dependencies are necessary but currently unavailable via a package manager. You may have to build these from source and install them to your local environment.
We provide a script to produce debian packages for those components, please follow the instructions in build/dpkg/README.txt.
The googletest packages provided by Debian/Ubuntu (libgmock-dev and libgtest-dev) do not provide pkg-config files, so you can build your own googletest using the steps below:
$ git clone https://github.com/google/googletest.git -b release-1.10.0 $ cd googletest # Main directory of the cloned repository. $ mkdir build # Create a directory to hold the build output. $ cd build $ cmake .. # Generate native build scripts for GoogleTest. $ sudo make install -DCMAKE_INSTALL_PREFIX=/usr
For host build, we depend on a few other repositories:
Clone these all somewhere and create your staging environment.
export STAGING_DIR=path/to/your/staging/dir mkdir ${STAGING_DIR} mkdir -p ${STAGING_DIR}/external ln -s $(readlink -f ${PLATFORM2_DIR}/common-mk) ${STAGING_DIR}/common-mk ln -s $(readlink -f ${PLATFORM2_DIR}/.gn) ${STAGING_DIR}/.gn ln -s $(readlink -f ${RUST_CRATE_DIR}) ${STAGING_DIR}/external/rust ln -s $(readlink -f ${PROTO_LOG_DIR}) ${STAGING_DIR}/external/proto_logging
We provide a build script to automate building assuming you've staged your build environment already as above.
./build.py --output ${OUTPUT_DIR} --platform-dir ${STAGING_DIR} --clang
This will build all targets to the output directory you've given. You can also build each stage separately (if you want to iterate on something specific):
You can choose to run only a specific stage by passing an arg via --target
.
Currently, Rust builds are a separate stage that uses Cargo to build. See gd/rust/README.md for more information.
By default on Linux, we statically link libbluetooth so you can just run the binary directly:
cd ~/fluoride/bt/out/Default ./bluetoothtbd -create-ipc-socket=fluoride