From: Andrei Emeltchenko <andrei.emeltchenko@xxxxxxxxx>
hdev might be NULL, so we need to avoid possible NULL derefernce in
handler->func functions.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@xxxxxxxxx>
---
net/bluetooth/mgmt.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index b127b88..be3182c 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -2738,7 +2738,6 @@ static const struct mgmt_handler {
int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
{
void *buf;
- u8 *cp;
struct mgmt_hdr *hdr;
u16 opcode, index, len;
struct hci_dev *hdev = NULL;
@@ -2802,14 +2801,17 @@ int mgmt_control(struct sock *sk, struct msghdr *msg, size_t msglen)
goto done;
}
- if (hdev)
+ if (hdev) {
+ u8 *cp;
+
mgmt_init_hdev(sk, hdev);
- cp = buf + sizeof(*hdr);
+ cp = buf + sizeof(*hdr);
- err = handler->func(sk, hdev, cp, len);
- if (err < 0)
- goto done;
+ err = handler->func(sk, hdev, cp, len);
+ if (err < 0)
+ goto done;
+ }
err = msglen;
--
1.7.9.5
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
