Commit d088337c authored by Navid Emamdoost's avatar Navid Emamdoost Committed by Marcel Holtmann

Bluetooth: Fix memory leak in hci_connect_le_scan

In the implementation of hci_connect_le_scan() when conn is added via
hci_conn_add(), if hci_explicit_conn_params_set() fails the allocated
memory for conn is leaked. Use hci_conn_del() to release it.

Fixes: f75113a2 ("Bluetooth: add hci_connect_le_scan")
Signed-off-by: default avatarNavid Emamdoost <navid.emamdoost@gmail.com>
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
parent 7fdf6c6a
...@@ -1176,8 +1176,10 @@ struct hci_conn *hci_connect_le_scan(struct hci_dev *hdev, bdaddr_t *dst, ...@@ -1176,8 +1176,10 @@ struct hci_conn *hci_connect_le_scan(struct hci_dev *hdev, bdaddr_t *dst,
if (!conn) if (!conn)
return ERR_PTR(-ENOMEM); return ERR_PTR(-ENOMEM);
if (hci_explicit_conn_params_set(hdev, dst, dst_type) < 0) if (hci_explicit_conn_params_set(hdev, dst, dst_type) < 0) {
hci_conn_del(conn);
return ERR_PTR(-EBUSY); return ERR_PTR(-EBUSY);
}
conn->state = BT_CONNECT; conn->state = BT_CONNECT;
set_bit(HCI_CONN_SCANNING, &conn->flags); set_bit(HCI_CONN_SCANNING, &conn->flags);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment