evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/net/bluetooth
History
Ben Seri f7ec367c8e Bluetooth: Properly check L2CAP config option output buffer length 
commit e860d2c904d1a9f38a24eb44c9f34b8f915a6ea3 upstream.

Validate the output buffer length for L2CAP config requests and responses
to avoid overflowing the stack buffer used for building the option blocks.

Signed-off-by: Ben Seri <ben@armis.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-09-13 14:09:46 -07:00
..
bnep Bluetooth: bnep: fix possible might sleep error in bnep_session 2017-08-30 10:19:26 +02:00
cmtp Bluetooth: cmtp: fix possible might sleep error in cmtp_session 2017-08-30 10:19:26 +02:00
hidp Bluetooth: hidp: fix possible might sleep error in hidp_session_thread 2017-08-30 10:19:25 +02:00
rfcomm Bluetooth: Fix potential NULL dereference in RFCOMM bind callback 2015-06-06 08:44:33 +02:00
6lowpan.c Bluetooth: 6lowpan: Fix handling of uncompressed IPv6 packets 2016-03-03 15:07:16 -08:00
a2mp.c Bluetooth: Move get info completed callback to a2mp.c 2015-07-30 13:37:22 +02:00
a2mp.h Bluetooth: Add BT_HS config option 2015-07-30 13:31:59 +02:00
af_bluetooth.c net: rename SOCK_ASYNC_NOSPACE and SOCK_ASYNC_WAITDATA 2015-12-01 15:45:05 -05:00
amp.c Bluetooth: Fix breakage in amp_write_rem_assoc_frag() 2015-08-10 20:41:34 +02:00
amp.h Bluetooth: Add BT_HS config option 2015-07-30 13:31:59 +02:00
ecc.c Bluetooth: Add ECC library for LE Secure Connections 2014-12-03 16:51:16 +01:00
ecc.h Bluetooth: Add ECC library for LE Secure Connections 2014-12-03 16:51:16 +01:00
hci_conn.c Bluetooth: Use continuous scanning when creating LE connections 2016-03-03 15:07:16 -08:00
hci_core.c Bluetooth: Check for supported white list before issuing commands 2015-11-05 04:03:21 +01:00
hci_debugfs.c Bluetooth: Expose current Device ID information via debugfs 2015-04-02 08:40:35 +03:00
hci_debugfs.h Bluetooth: Provide option to enable/disable debugfs information 2015-02-15 18:54:13 +02:00
hci_event.c Bluetooth: Rename bt_cb()->req into bt_cb()->hci 2015-10-26 08:21:03 +02:00
hci_request.c Bluetooth: Fix incorrect removing of IRKs 2016-03-03 15:07:16 -08:00
hci_request.h Bluetooth: Introduce hci_req helper to abort a connection 2015-10-22 11:37:22 +02:00
hci_sock.c Bluetooth: Fix user channel for 32bit userspace on 64bit kernel 2017-05-20 14:27:02 +02:00
hci_sysfs.c
Kconfig Bluetooth: Add BT_HS config option 2015-07-30 13:31:59 +02:00
l2cap_core.c Bluetooth: Properly check L2CAP config option output buffer length 2017-09-13 14:09:46 -07:00
l2cap_sock.c Bluetooth: Fix l2cap_sock_setsockopt() with optname BT_RCVMTU 2016-08-20 18:09:19 +02:00
lib.c Bluetooth: Add BT_WARN and bt_dev_warn logging macros 2015-09-24 16:25:44 +02:00
Makefile Bluetooth: Add BT_HS config option 2015-07-30 13:31:59 +02:00
mgmt.c Bluetooth: Fix potential buffer overflow with Add Advertising 2016-04-12 09:08:54 -07:00
mgmt_util.c Bluetooth: Add generic mgmt helper API 2015-03-17 18:03:08 +01:00
mgmt_util.h Bluetooth: Add generic mgmt helper API 2015-03-17 18:03:08 +01:00
sco.c bluetooth: Validate socket address length in sco_sock_bind(). 2015-12-15 15:39:08 -05:00
selftest.c Bluetooth: Export ECDH selftest result in debugfs 2015-04-02 08:47:38 +03:00
selftest.h Bluetooth: Add support for self testing framework 2014-12-30 08:53:55 +02:00
smp.c Bluetooth: use constant time memory comparison for secret values 2017-07-27 15:06:04 -07:00
smp.h Bluetooth: Fix crash in SMP when unpairing 2015-10-22 09:02:03 +02:00