Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 079db0c6 authored by Andrei Emeltchenko's avatar Andrei Emeltchenko Committed by Gustavo Padovan
Browse files

Bluetooth: AMP: Fix possible NULL dereference 



Check that link key exist before accessing.

Signed-off-by: default avatarAndrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: default avatarGustavo Padovan <gustavo.padovan@collabora.co.uk>
parent dfee1ebc

net/bluetooth/amp.c

+4 −0
Original line number Diff line number Diff line
@@ -184,6 +184,10 @@ int phylink_gen_key(struct hci_conn *conn, u8 *data, u8 *len, u8 *type) 
	*len = HCI_AMP_LINK_KEY_SIZE;



	key = hci_find_link_key(hdev, &conn->dst);

	if (!key) {

		BT_DBG("No Link key for conn %p dst %pMR", conn, &conn->dst);

		return -EACCES;

	}



	/* BR/EDR Link Key concatenated together with itself */

	memcpy(&keybuf[0], key->val, HCI_LINK_KEY_SIZE);