Bluetooth: Add instance range check for Add Advertising command

The instance range check for Add Advertising command is missing. If the provided instance is out of range an Invalid Parameters error should be returned. At the moment, the generic Failed error is returned. This extra check ensures that clear error messages are returned. Signed-off-by: N Marcel Holtmann <marcel@holtmann.org> Signed-off-by: N Johan Hedberg <johan.hedberg@intel.com>

Bluetooth: Add instance range check for Add Advertising command
The instance range check for Add Advertising command is missing. If the provided instance is out of range an Invalid Parameters error should be returned. At the moment, the generic Failed error is returned. This extra check ensures that clear error messages are returned. Signed-off-by: N Marcel Holtmann <marcel@holtmann.org> Signed-off-by: N Johan Hedberg <johan.hedberg@intel.com>
ceff86af · Marcel Holtmann · Johan Hedberg · e9d63767 · ceff86af
隐藏空白更改
内联并排

Showing with 4 addition and 0 deletion

net/bluetooth/mgmt.c net/bluetooth/mgmt.c +4 -0

未找到文件。
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -6839,6 +6839,10 @@ static int add_advertising(struct sock *sk, struct hci_dev *hdev,
 		return mgmt_cmd_status(sk, hdev->id, MGMT_OP_ADD_ADVERTISING,
 				       status);

+	if (cp->instance < 1 || cp->instance > HCI_MAX_ADV_INSTANCES)
+		return mgmt_cmd_status(sk, hdev->id, MGMT_OP_ADD_ADVERTISING,
+				       MGMT_STATUS_INVALID_PARAMS);
+
 	flags = __le32_to_cpu(cp->flags);
 	timeout = __le16_to_cpu(cp->timeout);
 	duration = __le16_to_cpu(cp->duration);