diff options
author | Marcel Holtmann <marcel@holtmann.org> | 2012-02-22 18:06:34 +0100 |
---|---|---|
committer | Johan Hedberg <johan.hedberg@intel.com> | 2012-02-23 12:07:00 +0100 |
commit | 24c54a90527ca5b85e7feedde2c779dc056ffddb (patch) | |
tree | 4c3bf52346cc63742f37e772b3ff22a1b4e96193 /net/bluetooth/mgmt.c | |
parent | Bluetooth: mgmt: Fix updating EIR when updating the name (diff) | |
download | linux-24c54a90527ca5b85e7feedde2c779dc056ffddb.tar.xz linux-24c54a90527ca5b85e7feedde2c779dc056ffddb.zip |
Bluetooth: Disabling discoverable with timeout is invalid
Add one extra sanity check to ensure that the supplied timeout value is
actually valid in this context.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Diffstat (limited to '')
-rw-r--r-- | net/bluetooth/mgmt.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index d756644163bc..6df4af6e99cc 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c @@ -850,13 +850,16 @@ static int set_discoverable(struct sock *sk, u16 index, void *data, u16 len) return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, MGMT_STATUS_INVALID_PARAMS); + timeout = get_unaligned_le16(&cp->timeout); + if (!cp->val && timeout > 0) + return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, + MGMT_STATUS_INVALID_PARAMS); + hdev = hci_dev_get(index); if (!hdev) return cmd_status(sk, index, MGMT_OP_SET_DISCOVERABLE, MGMT_STATUS_INVALID_PARAMS); - timeout = get_unaligned_le16(&cp->timeout); - hci_dev_lock(hdev); if (!hdev_is_powered(hdev) && timeout > 0) { |