首页 发现 帮助
登录
GfA
/
linux_kernel
5
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth

Johan Hedberg says:

====================
pull request: bluetooth 2016-02-20

Here's an important patch for 4.5 which fixes potential invalid pointer
access when processing completed Bluetooth HCI commands.

Please let me know if there are any issues pulling. Thanks.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller 9 年之前
父节点
b5a099c67a 3bd7594e69
当前提交
9ca69b7054
共有 1 个文件被更改,包括 4 次插入2 次删除
分列视图 显示文件统计
  1. 4 2
      net/bluetooth/hci_core.c

+ 4 - 2
net/bluetooth/hci_core.c
查看文件 

@@ -4112,8 +4112,10 @@ void hci_req_cmd_complete(struct hci_dev *hdev, u16 opcode, u8 status,
 
 			break;
 
 		}
 
 
-		*req_complete = bt_cb(skb)->hci.req_complete;
 
-		*req_complete_skb = bt_cb(skb)->hci.req_complete_skb;
 
+		if (bt_cb(skb)->hci.req_flags & HCI_REQ_SKB)
 
+			*req_complete_skb = bt_cb(skb)->hci.req_complete_skb;
 
+		else
 
+			*req_complete = bt_cb(skb)->hci.req_complete;
 
 		kfree_skb(skb);
 
 	}
 
 	spin_unlock_irqrestore(&hdev->cmd_q.lock, flags);