From: Anderson Briglia Date: Mon, 19 Sep 2011 18:41:09 +0000 (-0400) Subject: Bluetooth: Fix wrong memcpy size on LE start encryption X-Git-Tag: firefly_0821_release~3680^2~4273^2~83^2~120^2~12 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=51beabdf624df14d0805b001d3f939629b70d9db;p=firefly-linux-kernel-4.4.55.git Bluetooth: Fix wrong memcpy size on LE start encryption This patch fixes wrong memcpy size when copying rand value to HCI_OP_LE_START_ENC command. The compiler pretends that the array parameter was declared as a pointer and sizeof reports the size of the pointer. [1] [1] http://www.c-faq.com/aryptr/aryparmsize.html Signed-off-by: Anderson Briglia Signed-off-by: Anderson Lizardo Signed-off-by: Gustavo F. Padovan --- diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c index ea7f031f3b04..c2df7bf1d374 100644 --- a/net/bluetooth/hci_conn.c +++ b/net/bluetooth/hci_conn.c @@ -218,7 +218,7 @@ void hci_le_start_enc(struct hci_conn *conn, __le16 ediv, __u8 rand[8], cp.handle = cpu_to_le16(conn->handle); memcpy(cp.ltk, ltk, sizeof(cp.ltk)); cp.ediv = ediv; - memcpy(cp.rand, rand, sizeof(rand)); + memcpy(cp.rand, rand, sizeof(cp.rand)); hci_send_cmd(hdev, HCI_OP_LE_START_ENC, sizeof(cp), &cp); }