This patchset fixes the out-of-bound access in bluetooth stack. Although it is large, all of them follow the same pattern, so it should not be hard to review. I try to group them as much as I can. This patchset should cover Dan's patch too. Please check each patch for details. (Resending v2 as it is lost in netdev mailing list.) --- Cong Wang (3): bluetooth: validate HCI_EVENT_PKT packet carefully bluetooth: validate HCI_EV_LE_META packet carefully bluetooth: validate HCI_EV_CMD_COMPLETE packet carefully net/bluetooth/hci_event.c | 627 +++++++++++++++++++++++++++++++------- 1 file changed, 520 insertions(+), 107 deletions(-) -- 2.20.1
