linux-bluetooth.vger.kernel.org archive mirror
From: <ramm@ti.com>
To: <linux-bluetooth@vger.kernel.org>
Cc: Ram Malovany <ramm@ti.com>
Subject: [PATCH v2 2/3] Bluetooth: Fix using a NULL inquiry cache entry.
Date: Thu, 19 Jul 2012 10:26:10 +0300
Message-ID: <1342682771-28584-2-git-send-email-ramm@ti.com>
In-Reply-To: <1342682771-28584-1-git-send-email-ramm@ti.com>

From: Ram Malovany <ramm@ti.com>

If the device was not found in a list of found devices names of which
are pending. This may happen in a case when HCI Remote Name Request
was sent as a part of incoming connection establishment procedure.
Hence there is no need to continue resolving a next name as it will
be done upon receiving another Remote Name Request Complete Event.
This will fix a kernel crash when trying to use this entry to resolve
the next name.

Signed-off-by: Ram Malovany <ramm@ti.com>
---
 net/bluetooth/hci_event.c |   16 +++++++++++-----
 1 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 2de521f..3224dcc 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -1396,12 +1396,18 @@ static void hci_check_pending_name(struct hci_dev *hdev, struct hci_conn *conn,
 		return;
 
 	e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
-	if (e) {
+	/* If the device was not found in a list of found devices names of which
+	 * are pending. there is no need to continue resolving a next name as it
+	 * will be done upon receiving another Remote Name Request Complete
+	 * Event */
+	if (!e)
+		return;
+
+	list_del(&e->list);
+	if (name) {
 		e->name_state = NAME_KNOWN;
-		list_del(&e->list);
-		if (name)
-			mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
-					 e->data.rssi, name, name_len);
+		mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
+				 e->data.rssi, name, name_len);
 	}
 
 	if (hci_resolve_next_name(hdev))
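Review bot: In the new "if (name)" block, e->name_state = NAME_KNOWN is now set only when a name was returned, while list_del(&e->list) runs unconditionally. The old code set NAME_KNOWN whenever the entry was found, so with this hunk an entry that was looked up with NAME_PENDING and completes with a NULL name is taken off the list with its name_state left untouched. The commit message only describes the "if (!e) return;" guard, so either document this second behaviour change and why it is wanted, or set the state explicitly for the NULL-name case here so the entry is never left marked pending after removal. Style: the added comment breaks mid-clause ("are pending. there is no need"), and the closing */ should sit on its own line.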
-- 
1.7.4.1



Thread overview: 6+ messages
2012-07-19  7:26 [PATCH v2 1/3] Bluetooth: Fix using NULL inquiry entry ramm
2012-07-19  7:26 ` ramm [this message]
2012-07-19  7:26 ` [PATCH v2 3/3] Bluetooth: Set name_state to unknown when entry name is empty ramm
2012-07-19 14:12   ` Gustavo Padovan
2012-07-19 14:27     ` Gustavo Padovan
2012-07-23  7:38       ` Malovany, Ram
