Bluetooth: Fix memory leak in hci_connect_le_scan

commit d088337c38a5cd8f0230fbf2d514ff7672f9d0d3 upstream. In the implementation of hci_connect_le_scan() when conn is added via hci_conn_add(), if hci_explicit_conn_params_set() fails the allocated memory for conn is leaked. Use hci_conn_del() to release it. Fixes: f75113a2 ("Bluetooth: add hci_connect_le_scan") Signed-off-by: N Navid Emamdoost <navid.emamdoost@gmail.com> Signed-off-by: N Marcel Holtmann <marcel@holtmann.org> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>

Bluetooth: Fix memory leak in hci_connect_le_scan
commit d088337c38a5cd8f0230fbf2d514ff7672f9d0d3 upstream. In the implementation of hci_connect_le_scan() when conn is added via hci_conn_add(), if hci_explicit_conn_params_set() fails the allocated memory for conn is leaked. Use hci_conn_del() to release it. Fixes: f75113a2 ("Bluetooth: add hci_connect_le_scan") Signed-off-by: N Navid Emamdoost <navid.emamdoost@gmail.com> Signed-off-by: N Marcel Holtmann <marcel@holtmann.org> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>
3c1d512a · Navid Emamdoost · Yang Yingliang · a0aca435 · 3c1d512a
显示空白变更内容
内联并排

Showing with 3 addition and 1 deletion

net/bluetooth/hci_conn.c net/bluetooth/hci_conn.c +3 -1

未找到文件。
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -1173,8 +1173,10 @@ struct hci_conn *hci_connect_le_scan(struct hci_dev *hdev, bdaddr_t *dst,
 	if (!conn)
 		return ERR_PTR(-ENOMEM);
-	if (hci_explicit_conn_params_set(hdev, dst, dst_type) < 0)
+	if (hci_explicit_conn_params_set(hdev, dst, dst_type) < 0) {
+		hci_conn_del(conn);
 		return ERR_PTR(-EBUSY);
+	}
 	conn->state = BT_CONNECT;
 	set_bit(HCI_CONN_SCANNING, &conn->flags);