All of lore.kernel.org
 help / color / mirror / Atom feed
From: Gustavo Padovan <gustavo@padovan.org>
To: Johan Hedberg <johan.hedberg@gmail.com>
Cc: linux-bluetooth@vger.kernel.org
Subject: Re: [PATCH v2] Bluetooth: Fix handling of unexpected SMP PDUs
Date: Thu, 31 Jan 2013 15:36:45 -0200	[thread overview]
Message-ID: <20130131173645.GA2556@joana> (raw)
In-Reply-To: <1359477863-24645-1-git-send-email-johan.hedberg@gmail.com>

Hi Johan,

* Johan Hedberg <johan.hedberg@gmail.com> [2013-01-29 10:44:23 -0600]:

> From: Johan Hedberg <johan.hedberg@intel.com>
> 
> The conn->smp_chan pointer can be NULL if SMP PDUs arrive at unexpected
> moments. To avoid NULL pointer dereferences the code should be checking
> for this and disconnect if an unexpected SMP PDU arrives. This patch
> fixes the issue by adding a check for conn->smp_chan for all other PDUs
> except pairing request and security request (which are are the first
> PDUs to come to initialize the SMP context).
> 
> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
> CC: stable@vger.kernel.org
> ---
> v2: Move the checks to a single place in smp_sig_channel() and instead
> of ignoring the PDUs return failure from smp_sig_channel() to trigger a
> disconnection.
> 
>  net/bluetooth/smp.c |   13 +++++++++++++
>  1 file changed, 13 insertions(+)

Patch has been applied to bluetooth.git. Thanks.

	Gustavo

      parent reply	other threads:[~2013-01-31 17:36 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-01-29 16:44 [PATCH v2] Bluetooth: Fix handling of unexpected SMP PDUs Johan Hedberg
2013-01-29 17:58 ` Marcel Holtmann
2013-01-31 17:36 ` Gustavo Padovan [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130131173645.GA2556@joana \
    --to=gustavo@padovan.org \
    --cc=johan.hedberg@gmail.com \
    --cc=linux-bluetooth@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.