summaryrefslogtreecommitdiffstats
path: root/ipc/syscall.c
diff options
context:
space:
mode:
authorDean Jenkins <Dean_Jenkins@mentor.com>2013-02-28 15:21:55 +0100
committerGustavo Padovan <gustavo.padovan@collabora.co.uk>2013-03-08 14:40:24 +0100
commit8ff52f7d04d9cc31f1e81dcf9a2ba6335ed34905 (patch)
tree681a2468209aff5c83cd7c3bafe1eb6c38123c63 /ipc/syscall.c
parentBluetooth: Check rfcomm session and DLC exists on socket close (diff)
downloadlinux-8ff52f7d04d9cc31f1e81dcf9a2ba6335ed34905.tar.xz
linux-8ff52f7d04d9cc31f1e81dcf9a2ba6335ed34905.zip
Bluetooth: Return RFCOMM session ptrs to avoid freed session
Unfortunately, the design retains local copies of the s RFCOMM session pointer in various code blocks and this invites the erroneous access to a freed RFCOMM session structure. Therefore, return the RFCOMM session pointer back up the call stack to avoid accessing a freed RFCOMM session structure. When the RFCOMM session is deleted, NULL is passed up the call stack. If active DLCs exist when the rfcomm session is terminating, avoid a memory leak of rfcomm_dlc structures by ensuring that rfcomm_session_close() is used instead of rfcomm_session_del(). Signed-off-by: Dean Jenkins <Dean_Jenkins@mentor.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Diffstat (limited to 'ipc/syscall.c')
0 files changed, 0 insertions, 0 deletions