https://bugs.documentfoundation.org/show_bug.cgi?id=99250
Bug ID: 99250
Summary: Bluetooth socket left unclosed if connection failed
Product: Impress Remote
Version: unspecified
Hardware: All
OS: Android
Status: UNCONFIRMED
Severity: normal
Priority: medium
Component: Android app
Assignee: libreoffice-bugs@lists.freedesktop.org
Reporter: vi...@rice.edu
Hi, we're a research team at Rice University working on automatic detection of
anomalies in open source Android apps. Our tool was able to detect in the
Impress Remote app that the BluetoothSocket "mServerConnection" in the class
BluetoothServerConnection.java is left unclosed in the "open()" method in case
the connection failed and threw an exception (lines 46-50).
Our tool works by automatically learning API usage specifications from
thousands of Android apps, and in this case it learned that when "connect()"
called on a BluetoothSocket object throws an exception, it is almost always
followed by a "close()" on that object. If not, depending on the state of the
socket when the connection failed, it could be left open thereby preventing
future requests (possibly by other apps) to use the socket. We could not
produce an actual observable bug from this but it is conceivable that this may
be exploited if one intends to.
For our research purposes, we would greatly appreciate it if you can provide
your comments regarding the nature/severity of this "bug".
Thanks,
Vijay
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
Libreoffice-bugs mailing list
Libreoffice-bugs@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
