From: Marcel Holtmann <marcel@holtmann.org>
Date: Wed, 9 May 2007 07:15:40 +0000 (+0200)
Subject: [Bluetooth] Fix NULL pointer dereference in HCI line discipline
X-Git-Tag: firefly_0821_release~29184^2~28
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=22ad42033b7d2b3d7928fba9f89d1c7f8a3c9581;p=firefly-linux-kernel-4.4.55.git

[Bluetooth] Fix NULL pointer dereference in HCI line discipline

Normally a serial Bluetooth device is opened, TIOSETD'ed to N_HCI line
discipline, HCIUARTSETPROTO'ed and finally closed. In case the device
fails to HCIUARTSETPROTO, closing it produces a NULL pointer dereference.

Signed-off-by: Ohad Ben-Cohen <ohad@bencohen.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
---

diff --git a/drivers/bluetooth/hci_ldisc.c b/drivers/bluetooth/hci_ldisc.c
index 75c15085f81f..e8ae0d7e7716 100644
--- a/drivers/bluetooth/hci_ldisc.c
+++ b/drivers/bluetooth/hci_ldisc.c
@@ -307,7 +307,9 @@ static void hci_uart_tty_close(struct tty_struct *tty)
 
 	if (hu) {
 		struct hci_dev *hdev = hu->hdev;
-		hci_uart_close(hdev);
+
+		if (hdev)
+			hci_uart_close(hdev);
 
 		if (test_and_clear_bit(HCI_UART_PROTO_SET, &hu->flags)) {
 			hu->proto->close(hu);