| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 8 Jul 2010 16:59:54 -0300 From: Marcel Holtmann <marcel@...tmann.org> To: David Miller <davem@...emloft.net> Cc: netdev@...r.kernel.org Subject: [PATCH 05/13] Bluetooth: Only check SAR bits if frame is an I-frame From: Gustavo F. Padovan <padovan@...fusion.mobi> The SAR bits doesn't make sense for an S-frame. It doesn't use SAR. Checking SAR for a S-frames can lead to L2CAP errors, it could close the channel with an invalid packet length, since we was removing the 2 of the of any frame that match SAR start bits, without check if it is an I-frame. Signed-off-by: Gustavo F. Padovan <padovan@...fusion.mobi> Signed-off-by: Marcel Holtmann <marcel@...tmann.org> --- net/bluetooth/l2cap.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c index bca8c41..fa842cc 100644 --- a/net/bluetooth/l2cap.c +++ b/net/bluetooth/l2cap.c @@ -4110,7 +4110,7 @@ static inline int l2cap_data_channel(struct l2cap_conn *conn, u16 cid, struct sk skb_pull(skb, 2); len = skb->len; - if (__is_sar_start(control)) + if (__is_sar_start(control) && __is_iframe(control)) len -= 2; if (pi->fcs == L2CAP_FCS_CRC16) -- 1.7.1.1 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists