Skip to content
Permalink
Browse files

Bluetooth: SMP: Fix kernel crash if auth handler is NULL

Fix kernel crash if bluetooth authentication handlers has not been
registered. The bt_auth object is then NULL, this dereference caused a
call to an invalid function pointer.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
  • Loading branch information...
joerchan authored and carlescufi committed Aug 7, 2019
1 parent f42617a commit a80ab8bcf68e702f15629f7a63b0cfa978a81afd
Showing with 2 additions and 2 deletions.
  1. +2 −2 subsys/bluetooth/host/smp.c
@@ -3118,7 +3118,7 @@ static u8_t smp_pairing_random(struct bt_smp *smp, struct net_buf *buf)
return BT_SMP_ERR_UNSPECIFIED;
}

if (bt_auth->oob_data_request) {
if (bt_auth && bt_auth->oob_data_request) {
struct bt_conn_oob_info info = {
.type = BT_CONN_OOB_LE_SC,
.lesc.oob_config = BT_CONN_OOB_NO_DATA,
@@ -3528,7 +3528,7 @@ static u8_t smp_public_key(struct bt_smp *smp, struct net_buf *buf)
return BT_SMP_ERR_UNSPECIFIED;
}

if (bt_auth->oob_data_request) {
if (bt_auth && bt_auth->oob_data_request) {
struct bt_conn_oob_info info = {
.type = BT_CONN_OOB_LE_SC,
.lesc.oob_config = BT_CONN_OOB_NO_DATA,

0 comments on commit a80ab8b

Please sign in to comment.
You can’t perform that action at this time.