Piteball/android_kernel_google_msm
1
0
Fork 0
mirror of https://github.com/followmsi/android_kernel_google_msm.git synced 2024-11-06 23:17:41 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_google_msm/net/bluetooth/hidp
History
David Herrmann 1528eb776d Bluetooth: hidp: verify l2cap sockets 
commit b3916db32c upstream.

We need to verify that the given sockets actually are l2cap sockets. If
they aren't, we are not supposed to access bt_sk(sock) and we shouldn't
start the session if the offsets turn out to be valid local BT addresses.

That is, if someone passes a TCP socket to HIDCONNADD, then we access some
random offset in the TCP socket (which isn't even guaranteed to be valid).

Fix this by checking that the socket is an l2cap socket.

Change-Id: I401bca741588b34876a1c835d8d4567852b4ec75
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
2018-01-13 17:14:28 +03:00
..
core.c Bluetooth: hidp: verify l2cap sockets 2018-01-13 17:14:28 +03:00
hidp.h Revert upstream bluetooth 2013-02-25 11:37:04 -08:00
Kconfig Bluetooth: Always compile SCO and L2CAP in Bluetooth Core 2011-12-21 02:21:08 -02:00
Makefile
sock.c Revert upstream bluetooth 2013-02-25 11:37:04 -08:00