Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap...

author Al Viro <viro@zeniv.linux.org.uk>

Fri, 19 Dec 2014 06:20:59 +0000 (06:20 +0000)

committer Willy Tarreau <w@1wt.eu>

Wed, 1 Nov 2017 21:12:41 +0000 (22:12 +0100)
author Al Viro <viro@zeniv.linux.org.uk>
Fri, 19 Dec 2014 06:20:59 +0000 (06:20 +0000)
committer Willy Tarreau <w@1wt.eu>
Wed, 1 Nov 2017 21:12:41 +0000 (22:12 +0100)
diff --git a/net/bluetooth/bnep/core.c b/net/bluetooth/bnep/core.c

index e430b1abcd2fabf102d15cd4f99399c983fcf9f2..e387e6719fa2dbcfa3ffddff345ea99498a7c9d6 100644 (file)
--- a/net/bluetooth/bnep/core.c
+++ b/net/bluetooth/bnep/core.c
@@ -32,6 +32,7 @@
  #include <asm/unaligned.h>
  
  #include <net/bluetooth/bluetooth.h>
+#include <net/bluetooth/l2cap.h>
  #include <net/bluetooth/hci_core.h>
  
  #include "bnep.h"
@@ -539,6 +540,9 @@ int bnep_add_connection(struct bnep_connadd_req *req, struct socket *sock)
  
         BT_DBG("");
  
+       if (!l2cap_is_socket(sock))
+               return -EBADFD;
+
         baswap((void *) dst, &bt_sk(sock->sk)->dst);
         baswap((void *) src, &bt_sk(sock->sk)->src);
author	Al Viro <viro@zeniv.linux.org.uk>
	Fri, 19 Dec 2014 06:20:59 +0000 (06:20 +0000)
committer	Willy Tarreau <w@1wt.eu>
	Wed, 1 Nov 2017 21:12:41 +0000 (22:12 +0100)