Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dfde3147 authored by Navid Emamdoost's avatar Navid Emamdoost Committed by Greg Kroah-Hartman
Browse files

Bluetooth: Fix memory leak in hci_connect_le_scan 



commit d088337c38a5cd8f0230fbf2d514ff7672f9d0d3 upstream.

In the implementation of hci_connect_le_scan() when conn is added via
hci_conn_add(), if hci_explicit_conn_params_set() fails the allocated
memory for conn is leaked. Use hci_conn_del() to release it.

Fixes: f75113a2 ("Bluetooth: add hci_connect_le_scan")
Signed-off-by: default avatarNavid Emamdoost <navid.emamdoost@gmail.com>
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent cf223ff1

net/bluetooth/hci_conn.c

+3 −1
Original line number Diff line number Diff line
@@ -1173,8 +1173,10 @@ struct hci_conn *hci_connect_le_scan(struct hci_dev *hdev, bdaddr_t *dst, 
	if (!conn)

		return ERR_PTR(-ENOMEM);



	if (hci_explicit_conn_params_set(hdev, dst, dst_type) < 0)

	if (hci_explicit_conn_params_set(hdev, dst, dst_type) < 0) {

		hci_conn_del(conn);

		return ERR_PTR(-EBUSY);

	}



	conn->state = BT_CONNECT;

	set_bit(HCI_CONN_SCANNING, &conn->flags);