This is a note to let you know that I've just added the patch titled
Bluetooth: Fix using a NULL inquiry cache entry
to the 3.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
bluetooth-fix-using-a-null-inquiry-cache-entry.patch
and it can be found in the queue-3.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
>From 7cc8380eb10347016d95bf6f9d842c2ae6d12932 Mon Sep 17 00:00:00 2001
From: Ram Malovany <[email protected]>
Date: Thu, 19 Jul 2012 10:26:10 +0300
Subject: Bluetooth: Fix using a NULL inquiry cache entry
From: Ram Malovany <[email protected]>
commit 7cc8380eb10347016d95bf6f9d842c2ae6d12932 upstream.
If the device was not found in a list of found devices names of which
are pending.This may happen in a case when HCI Remote Name Request
was sent as a part of incoming connection establishment procedure.
Hence there is no need to continue resolving a next name as it will
be done upon receiving another Remote Name Request Complete Event.
This will fix a kernel crash when trying to use this entry to resolve
the next name.
Signed-off-by: Ram Malovany <[email protected]>
Signed-off-by: Gustavo Padovan <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/bluetooth/hci_event.c | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -1388,12 +1388,18 @@ static void hci_check_pending_name(struc
return;
e = hci_inquiry_cache_lookup_resolve(hdev, bdaddr, NAME_PENDING);
- if (e) {
+ /* If the device was not found in a list of found devices names of which
+ * are pending. there is no need to continue resolving a next name as it
+ * will be done upon receiving another Remote Name Request Complete
+ * Event */
+ if (!e)
+ return;
+
+ list_del(&e->list);
+ if (name) {
e->name_state = NAME_KNOWN;
- list_del(&e->list);
- if (name)
- mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
- e->data.rssi, name, name_len);
+ mgmt_remote_name(hdev, bdaddr, ACL_LINK, 0x00,
+ e->data.rssi, name, name_len);
}
if (hci_resolve_next_name(hdev))
Patches currently in stable-queue which might be from [email protected] are
queue-3.4/bluetooth-set-name_state-to-unknown-when-entry-name-is-empty.patch
queue-3.4/bluetooth-fix-using-a-null-inquiry-cache-entry.patch
queue-3.4/bluetooth-fix-using-null-inquiry-entry.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
