linux-stable/net/bluetooth
Johan Hedberg 642ac7745a Bluetooth: Fix missing check for SMP session in smp_user_confirm_reply
The smp_user_confirm_reply() function is called whenever user space
sends a user confirmation reply mgmt command. In case of a misbehaving
user space, or if the SMP session was removed by the time the command
comes, it is important that we return an appropriate error and do not try
to access the non-existent SMP context. This patch adds the appropriate
check for the HCI_CONN_LE_SMP_PEND flag before proceeding further.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-07-03 17:42:47 +02:00
bnep net/*: Fix FSF address in file headers 2013-12-06 12:37:57 -05:00
cmtp Bluetooth: Access CMTP session addresses through L2CAP channel 2013-10-13 20:00:30 +03:00
hidp Merge branch 'for-3.15/hid-core-ll-transport-cleanup' into for-linus 2014-04-01 19:05:09 +02:00
rfcomm Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next 2014-05-29 13:03:47 -04:00
6lowpan.c Bluetooth: 6LoWPAN: Remove network devices when unloading 2014-07-03 17:42:44 +02:00
a2mp.c Bluetooth: Provide L2CAP ops callback for memcpy_fromiovec 2014-07-03 17:42:43 +02:00
a2mp.h Bluetooth: Move a2mp.h header file into net/bluetooth/ 2013-10-11 00:10:05 +02:00
af_bluetooth.c Bluetooth: Increase minor version of core module 2014-02-21 06:21:55 +02:00
amp.c Bluetooth: Remove l2cap_conn->dst usage from AMP manager 2013-10-13 17:43:32 +03:00
amp.h Bluetooth: Move amp.h header file into net/bluetooth/ 2013-10-11 00:10:03 +02:00
hci_conn.c Bluetooth: Convert hci_conn->link_mode into flags 2014-07-03 17:42:46 +02:00
hci_core.c Bluetooth: Remove ssp_debug_mode debugfs option 2014-07-03 17:42:46 +02:00
hci_event.c Bluetooth: Convert hci_conn->link_mode into flags 2014-07-03 17:42:46 +02:00
hci_sock.c net: add __pskb_copy_fclone and pskb_copy_for_clone 2014-06-11 15:38:02 -07:00
hci_sysfs.c Bluetooth: Convert to use ATTRIBUTE_GROUPS macro 2014-02-13 09:51:34 +02:00
Kconfig Bluetooth: 6LoWPAN: Create a kernel module 2014-07-03 17:42:44 +02:00
l2cap_core.c Bluetooth: Convert hci_conn->link_mode into flags 2014-07-03 17:42:46 +02:00
l2cap_sock.c Bluetooth: Provide L2CAP ops callback for memcpy_fromiovec 2014-07-03 17:42:43 +02:00
lib.c Bluetooth: Add error mapping for Directed Advertising Timeout 2014-03-26 09:31:36 -07:00
Makefile Bluetooth: 6LoWPAN: Create a kernel module 2014-07-03 17:42:44 +02:00
mgmt.c Bluetooth: Remove unnecessary hci_dev_unlock for smp_user_confirm_reply 2014-07-03 17:42:47 +02:00
sco.c net: Fix use after free by removing length arg from sk_data_ready callbacks. 2014-04-11 16:15:36 -04:00
smp.c Bluetooth: Fix missing check for SMP session in smp_user_confirm_reply 2014-07-03 17:42:47 +02:00
smp.h Bluetooth: Remove HCI prefix from SMP LTK defines 2014-07-03 17:42:42 +02:00