summaryrefslogtreecommitdiffstats
path: root/net/bluetooth/smp.c
diff options
context:
space:
mode:
authorJohan Hedberg <johan.hedberg@intel.com>2014-09-06 05:59:10 +0200
committerMarcel Holtmann <marcel@holtmann.org>2014-09-08 19:07:57 +0200
commitc68b7f127d5f517c214e8bcf231d0188f6776d2a (patch)
tree586ab7b881e121d59a68340225e6e7f70dc5e07a /net/bluetooth/smp.c
parentBluetooth: LLVMLinux: Remove VLAIS from bluetooth/amp.c (diff)
downloadlinux-c68b7f127d5f517c214e8bcf231d0188f6776d2a.tar.xz
linux-c68b7f127d5f517c214e8bcf231d0188f6776d2a.zip
Bluetooth: Fix dereferencing conn variable before NULL check
This patch fixes the following type of static analyzer warning (and probably a real bug as well as the NULL check should be there for a reason): net/bluetooth/smp.c:1182 smp_conn_security() warn: variable dereferenced before check 'conn' (see line 1174) Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to '')
-rw-r--r--net/bluetooth/smp.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 1201670afe38..560f78a9f960 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -1210,7 +1210,7 @@ static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
{
struct l2cap_conn *conn = hcon->l2cap_data;
- struct l2cap_chan *chan = conn->smp;
+ struct l2cap_chan *chan;
struct smp_chan *smp;
__u8 authreq;
int ret;
@@ -1221,6 +1221,8 @@ int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
if (!conn)
return 1;
+ chan = conn->smp;
+
if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
return 1;