Hi Luis, On Fri, Jun 28, 2013, Luis Henriques wrote: > > --- a/net/bluetooth/l2cap_core.c > > +++ b/net/bluetooth/l2cap_core.c > > @@ -3399,7 +3399,7 @@ static inline int l2cap_move_channel_con > > struct l2cap_move_chan_cfm_rsp *rsp = data; > > u16 icid; > > > > - if (cmd_len != sizeof(*rsp)) > > + if (cmd_len < sizeof(*rsp)) > > return -EPROTO; > > > > icid = le16_to_cpu(rsp->icid); > > > > I have doubts about the correctness of this backport: the original > commit modifies function l2cap_information_rsp(), while this backport > changes l2cap_move_channel_confirm_rsp(). > > Looking at mainline code, l2cap_move_channel_confirm_rsp() does not > contain the change you're introducing. Maybe I'm misreading the code > and missing something. > > Besides, the commit text claims it is fixing an issue introduced by > cb3b3152b2f5939d67005cff841a1ca748b19888, which is actually not > present in the 3.4 kernel. Looks incorrect to me too. The commit that this depends on (cb3b3152b2f5939d67005cff841a1ca748b19888) did also have the Cc: stable tag, but it never made it to the 3.4 branch. Johan -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html