On Mon, Oct 19, 2020 at 10:25 AM Luiz Augusto von Dentz <luiz.dentz@xxxxxxxxx> wrote:
>
> From: Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>
>
> When receiving advertisements check if the length is actually within
> the skb, this also makes use of skb_pull to advance on the skb->data
> instead of a custom ptr that way skb->len shall always indicate how
> much data is remaining and can be used to perform checks if there is
> enough data to parse.
>
> Fixes: a2ec905d1e160a33b2e210e45ad30445ef26ce0e ("Bluetooth: fix kernel oops in store_pending_adv_report")
> Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>
> ---
> v2: Fixes rssi parsing.
>
> net/bluetooth/hci_event.c | 73 ++++++++++++++++++++++++++++++---------
> 1 file changed, 56 insertions(+), 17 deletions(-)

Tested-by: Abhishek Pandit-Subedi <abhishekpandit@xxxxxxxxxxxx>

---
I cherry-picked this to our 4.19 kernel and ran our LE Health tests on the Kohaku chromebook (AX201 controller). All tests are passing.
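
The pattern the quoted commit message describes, as an added userspace sketch that is not part of this thread and not the code from the patch: every read goes through a pull helper, so the remaining length is always authoritative. `struct buf`, `buf_pull` and `parse_adv_reports` are hypothetical stand-ins (for `sk_buff`, `skb_pull` and the kernel's handler), and the field layout assumed is that of the HCI LE Advertising Report event.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical userspace stand-in for an sk_buff: data/len always describe
 * the bytes not yet consumed. */
struct buf { const uint8_t *data; size_t len; };

/* Like skb_pull(): consume n bytes; NULL when fewer than n remain. */
static const uint8_t *buf_pull(struct buf *b, size_t n)
{
    const uint8_t *p = b->data;
    if (n > b->len)
        return NULL;
    b->data += n;
    b->len -= n;
    return p;
}

#define ADV_HDR_LEN 9 /* evt_type, bdaddr_type, bdaddr[6], length */

/* Constructed payloads: one report, 3 data bytes, RSSI 0xC4 (-60 dBm).
 * sample_bad claims 0x1f data bytes but carries only 3. */
const uint8_t sample_ok[] = { 0x01, 0x00, 0x00, 0x11, 0x22, 0x33, 0x44,
    0x55, 0x66, 0x03, 0x02, 0x01, 0x06, 0xC4 };
const uint8_t sample_bad[] = { 0x01, 0x00, 0x00, 0x11, 0x22, 0x33, 0x44,
    0x55, 0x66, 0x1f, 0x02, 0x01, 0x06, 0xC4 };

/* Returns the number of reports parsed, or -1 if the payload is truncated.
 * Layout: num_reports, then per report header, data[length], rssi. */
int parse_adv_reports(const uint8_t *payload, size_t len, int8_t *last_rssi)
{
    struct buf b = { payload, len };
    const uint8_t *num = buf_pull(&b, 1);
    int parsed = 0;
    if (!num)
        return -1;
    for (uint8_t i = 0; i < *num; i++) {
        /* hdr[8] is the device-supplied length; each pull checks it
         * against what is left before data or RSSI is touched. */
        const uint8_t *hdr = buf_pull(&b, ADV_HDR_LEN);
        const uint8_t *data = hdr ? buf_pull(&b, hdr[8]) : NULL;
        const uint8_t *rssi = data ? buf_pull(&b, 1) : NULL;
        if (!rssi)
            return -1;
        if (last_rssi)
            *last_rssi = (int8_t)*rssi;
        parsed++;
    }
    return parsed;
}
```

Because the RSSI byte is pulled like every other field, a report whose data fills the buffer exactly is rejected rather than read one byte past the end.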