Hi David, * David Herrmann <dh.herrmann@xxxxxxxxx> [2013-04-05 14:57:34 +0200]: > We need to verify that the given sockets actually are l2cap sockets. If > they aren't, we are not supposed to access bt_sk(sock) and we shouldn't > start the session if the offsets turn out to be valid local BT addresses. > > That is, if someone passes a TCP socket to HIDCONNADD, then we access some > random offset in the TCP socket (which isn't even guaranteed to be valid). > > Fix this by checking that the socket is an l2cap socket. > > Signed-off-by: David Herrmann <dh.herrmann@xxxxxxxxx> > --- > include/net/bluetooth/l2cap.h | 1 + > net/bluetooth/hidp/core.c | 2 ++ > net/bluetooth/l2cap_sock.c | 6 ++++++ > 3 files changed, 9 insertions(+) Patch has been applied to bluetooth-next. Thanks. Gustavo -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
