Hi Andrei,
>> The A2MP CID is only valid for BR/EDR transports. We should ignore A2MP
>> data on non-BR/EDR links and refuse to create an amp_mgr object.
>>
>> Signed-off-by: Johan Hedberg <johan.hedberg@xxxxxxxxx>
>> ---
>> net/bluetooth/a2mp.c | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/net/bluetooth/a2mp.c b/net/bluetooth/a2mp.c
>> index fe32a33..efcd108 100644
>> --- a/net/bluetooth/a2mp.c
>> +++ b/net/bluetooth/a2mp.c
>> @@ -836,6 +836,9 @@ struct l2cap_chan *a2mp_channel_create(struct l2cap_conn *conn,
>> {
>> struct amp_mgr *mgr;
>>
>> + if (conn->hcon->type != ACL_LINK)
>> + return NULL;
>> +
>
> Have you experienced this ever happened?
this is how good software is written. You check that your input is valid first. Otherwise you open yourself up to vulnerabilities.
Regards
Marcel
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
