Bluetooth: Fix dereference after NULL check

Move code dereferencing possible NULL pointer to the check branch. Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>

Bluetooth: Fix dereference after NULL check
Move code dereferencing possible NULL pointer to the check branch. Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
85e34368 · Andrei Emeltchenko · Gustavo Padovan · 079db0c6 · 85e34368
Commit 85e34368 authored Oct 05, 2012 by Andrei Emeltchenko Committed by Gustavo Padovan Oct 08, 2012
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 5 deletions

net/bluetooth/l2cap_sock.c net/bluetooth/l2cap_sock.c +6 -5

No files found.
--- a/net/bluetooth/l2cap_sock.c
+++ b/net/bluetooth/l2cap_sock.c
@@ -382,13 +382,14 @@ static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, ch
 		}
 		memset(&sec, 0, sizeof(sec));
-		if (chan->conn)
+		if (chan->conn) {
 			sec.level = chan->conn->hcon->sec_level;
-		else
-			sec.level = chan->sec_level;
-		if (sk->sk_state == BT_CONNECTED)
+			if (sk->sk_state == BT_CONNECTED)
-			sec.key_size = chan->conn->hcon->enc_key_size;
+				sec.key_size = chan->conn->hcon->enc_key_size;
+		} else {
+			sec.level = chan->sec_level;
+		}
 		len = min_t(unsigned int, len, sizeof(sec));
 		if (copy_to_user(optval, (char *) &sec, len))