Bluetooth: Fix checking for proper key->master value in Load LTKs

The allowed values for the key->master parameter in the Load LTKs
command are 0x00 and 0x01. If there is a key in the list with some other
value the command should fail with a proper invalid params response.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
This commit is contained in:
Johan Hedberg 2013-01-20 14:27:15 +02:00 committed by Gustavo Padovan
parent e57e619f46
commit 54ad6d8a5a
1 changed files with 9 additions and 0 deletions

View File

@ -2721,6 +2721,15 @@ static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
BT_DBG("%s key_count %u", hdev->name, key_count); BT_DBG("%s key_count %u", hdev->name, key_count);
for (i = 0; i < key_count; i++) {
struct mgmt_ltk_info *key = &cp->keys[i];
if (key->master != 0x00 && key->master != 0x01)
return cmd_status(sk, hdev->id,
MGMT_OP_LOAD_LONG_TERM_KEYS,
MGMT_STATUS_INVALID_PARAMS);
}
hci_dev_lock(hdev); hci_dev_lock(hdev);
hci_smp_ltks_clear(hdev); hci_smp_ltks_clear(hdev);