Bluetooth: Check for valid key->authenticated value for LTKs

This patch adds necessary checks for the two allowed values of the authenticated parameter of each Long Term Key, i.e. 0x00 and 0x01. If any other value is encountered the valid response is to return invalid params to user space. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>

Bluetooth: Check for valid key->authenticated value for LTKs
This patch adds necessary checks for the two allowed values of the authenticated parameter of each Long Term Key, i.e. 0x00 and 0x01. If any other value is encountered the valid response is to return invalid params to user space. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
44b20d33 · Johan Hedberg · Gustavo Padovan · 3f706b72 · 44b20d33
Commit 44b20d33 authored Jan 20, 2013 by Johan Hedberg Committed by Gustavo Padovan Jan 23, 2013
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

net/bluetooth/mgmt.c net/bluetooth/mgmt.c +2 -0

No files found.
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -2703,6 +2703,8 @@ static int set_fast_connectable(struct sock *sk, struct hci_dev *hdev,

 static bool ltk_is_valid(struct mgmt_ltk_info *key)
 {
+	if (key->authenticated != 0x00 && key->authenticated != 0x01)
+		return false;
 	if (key->master != 0x00 && key->master != 0x01)
 		return false;
 	return true;