Commit 44b20d33 authored Jan 20, 2013 by Johan Hedberg Committed by Gustavo Padovan Jan 23, 2013

Bluetooth: Check for valid key->authenticated value for LTKs



This patch adds necessary checks for the two allowed values of the
authenticated parameter of each Long Term Key, i.e. 0x00 and 0x01. If
any other value is encountered the valid response is to return invalid
params to user space.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>

parent 3f706b72

net/bluetooth/mgmt.c

+2 −0

Original line number	Original line	Diff line number	Diff line
	@@ -2703,6 +2703,8 @@ static int set_fast_connectable(struct sock sk, struct hci_dev hdev,

	static bool ltk_is_valid(struct mgmt_ltk_info *key)		static bool ltk_is_valid(struct mgmt_ltk_info *key)
	{		{
			if (key->authenticated != 0x00 && key->authenticated != 0x01)
			return false;
	if (key->master != 0x00 && key->master != 0x01)		if (key->master != 0x00 && key->master != 0x01)
	return false;		return false;
	return true;		return true;