Bluetooth: Check for valid key->authenticated value for LTKs

This patch adds necessary checks for the two allowed values of the authenticated parameter of each Long Term Key, i.e. 0x00 and 0x01. If any other value is encountered the valid response is to return invalid params to user space. Signed-off-by: N Johan Hedberg <johan.hedberg@intel.com> Acked-by: N Marcel Holtmann <marcel@holtmann.org> Signed-off-by: N Gustavo Padovan <gustavo.padovan@collabora.co.uk>

Bluetooth: Check for valid key->authenticated value for LTKs
This patch adds necessary checks for the two allowed values of the authenticated parameter of each Long Term Key, i.e. 0x00 and 0x01. If any other value is encountered the valid response is to return invalid params to user space. Signed-off-by: N Johan Hedberg <johan.hedberg@intel.com> Acked-by: N Marcel Holtmann <marcel@holtmann.org> Signed-off-by: N Gustavo Padovan <gustavo.padovan@collabora.co.uk>
44b20d33 · Johan Hedberg · Gustavo Padovan · 3f706b72 · 44b20d33
隐藏空白更改
内联并排

Showing with 2 addition and 0 deletion

net/bluetooth/mgmt.c net/bluetooth/mgmt.c +2 -0

未找到文件。
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -2703,6 +2703,8 @@ static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,

 static bool ltk_is_valid(struct mgmt_ltk_info *key)
 {
+	if (key->authenticated != 0x00 && key->authenticated != 0x01)
+		return false;
 	if (key->master != 0x00 && key->master != 0x01)
 		return false;
 	return true;