Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

From: Haoxiang Li <haoxiang_li2024@xxxxxxx>

commit d8df010f72b8a32aaea393e36121738bb53ed905 upstream.

Add check for the return value of mgmt_alloc_skb() in
mgmt_device_connected() to prevent null pointer dereference.

Fixes: e96741437ef0 ("Bluetooth: mgmt: Make use of mgmt_send_event_skb in MGMT_EV_DEVICE_CONNECTED")
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Haoxiang Li <haoxiang_li2024@xxxxxxx>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 net/bluetooth/mgmt.c |    3 +++
 1 file changed, 3 insertions(+)

--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -9733,6 +9733,9 @@ void mgmt_device_connected(struct hci_de
 				     sizeof(*ev) + (name ? eir_precalc_len(name_len) : 0) +
 				     eir_precalc_len(sizeof(conn->dev_class)));
 
+	if (!skb)
+		return;
+
 	ev = skb_put(skb, sizeof(*ev));
 	bacpy(&ev->addr.bdaddr, &conn->dst);
 	ev->addr.type = link_to_bdaddr(conn->type, conn->dst_type);


Patches currently in stable-queue which might be from haoxiang_li2024@xxxxxxx are

queue-6.1/bluetooth-add-check-for-mgmt_alloc_skb-in-mgmt_device_connected.patch
queue-6.1/rapidio-add-check-for-rio_add_net-in-rio_scan_alloc_net.patch
queue-6.1/rapidio-fix-an-api-misues-when-rio_add_net-fails.patch
queue-6.1/bluetooth-add-check-for-mgmt_alloc_skb-in-mgmt_remote_name.patch
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux