Bluetooth: mgmt: Fix corruption of device_connected pkt
authorBrian Gix <bgix@codeaurora.org>
Fri, 9 Mar 2012 22:07:03 +0000 (14:07 -0800)
committerGustavo Padovan <gustavo@padovan.org>
Wed, 28 Mar 2012 18:06:09 +0000 (15:06 -0300)
Incorrect pointer passed to eir_append_data made mgmt_device_connected
event unparsable by mgmt user space entity.

Signed-off-by: Brian Gix <bgix@codeaurora.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
net/bluetooth/mgmt.c

index 7fcff888713171cb760296726fdcfca19f72aaca..0e169dacfd4f7dae0ad058620863cfa18f9179a0 100644 (file)
@@ -2936,7 +2936,7 @@ int mgmt_device_connected(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
                                          name, name_len);
 
        if (dev_class && memcmp(dev_class, "\0\0\0", 3) != 0)
-               eir_len = eir_append_data(&ev->eir[eir_len], eir_len,
+               eir_len = eir_append_data(ev->eir, eir_len,
                                          EIR_CLASS_OF_DEV, dev_class, 3);
 
        put_unaligned_le16(eir_len, &ev->eir_len);