From: Johan Hedberg Date: Sun, 20 Jan 2013 12:27:17 +0000 (+0200) Subject: Bluetooth: Check for valid key->authenticated value for LTKs X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=44b20d33962a73ca14b934540e9168e0da1b49ab;p=GitHub%2Fmt8127%2Fandroid_kernel_alcatel_ttab.git Bluetooth: Check for valid key->authenticated value for LTKs This patch adds necessary checks for the two allowed values of the authenticated parameter of each Long Term Key, i.e. 0x00 and 0x01. If any other value is encountered the valid response is to return invalid params to user space. Signed-off-by: Johan Hedberg Acked-by: Marcel Holtmann Signed-off-by: Gustavo Padovan --- diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index cd758994b02f..bc04c444c98e 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c @@ -2703,6 +2703,8 @@ done: static bool ltk_is_valid(struct mgmt_ltk_info *key) { + if (key->authenticated != 0x00 && key->authenticated != 0x01) + return false; if (key->master != 0x00 && key->master != 0x01) return false; return true;