Bluetooth: Hack: Don't dereference null pointer.
author Nick Pelly <npelly@google.com>
Thu, 8 Apr 2010 23:23:32 +0000 (16:23 -0700)
committer Colin Cross <ccross@android.com>
Tue, 14 Jun 2011 16:09:17 +0000 (09:09 -0700)
This avoids the S305 panic during incoming connection.

S305 sends PSM 25 L2CAP connection request before the L2CAP info response.
When we receive that info response we crash on null pointer here.

Bug: 2127637
Change-Id: Ib637516251f46fa9a9c87ac015dc2f27df5a27fd
Signed-off-by: Nick Pelly <npelly@google.com>
net/bluetooth/l2cap_core.c

index e64a1c2df238d3fc0aac368075b8b0fd3bbb6917..32f830acee68ea3aaff5f15301e47af84d2e46b7 100644 (file)
@@ -620,7 +620,8 @@ static void l2cap_conn_start(struct l2cap_conn *conn)
                                        struct sock *parent = bt_sk(sk)->parent;
                                        rsp.result = cpu_to_le16(L2CAP_CR_PEND);
                                        rsp.status = cpu_to_le16(L2CAP_CS_AUTHOR_PEND);
-                                       parent->sk_data_ready(parent, 0);
+                                       if (parent)
+                                               parent->sk_data_ready(parent, 0);
 
                                } else {
                                        sk->sk_state = BT_CONFIG;
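
Review bot: the new `if (parent)` guard skips only the `sk_data_ready` wakeup, while `rsp.result` and `rsp.status` just above it are still set to `L2CAP_CR_PEND` and `L2CAP_CS_AUTHOR_PEND`. When `parent` is NULL this branch therefore reports authorization pending without notifying any listening socket, and nothing in these lines shows what later accepts or rejects the channel. Consider handling the NULL case explicitly (an `else` that sets a different result or closes the channel), or at minimum add a comment at the guard stating when `bt_sk(sk)->parent` can be NULL here and what is expected to complete the connection afterwards, since the guard avoids the crash but leaves the ordering problem described in the commit message in place.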