Showing error 1770

User: Jiri Slaby
Error type: Invalid Pointer Dereference
Error type description: A pointer which is invalid is being dereferenced
File location: net/bluetooth/l2cap.c
Line in file: 827
Project: Linux Kernel
Project version: 2.6.28
Tools: Smatch (1.59)
Entered: 2013-09-10 20:24:52 UTC

Source: 

 797                        auth_type = HCI_AT_NO_BONDING_MITM;
 798                else
 799                        auth_type = HCI_AT_GENERAL_BONDING_MITM;
 800        } else {
 801                if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001))
 802                        auth_type = HCI_AT_NO_BONDING;
 803                else
 804                        auth_type = HCI_AT_GENERAL_BONDING;
 805        }
 806
 807        hcon = hci_connect(hdev, ACL_LINK, dst, auth_type);
 808        if (!hcon)
 809                goto done;
 810
 811        conn = l2cap_conn_add(hcon, 0);
 812        if (!conn) {
 813                hci_conn_put(hcon);
 814                goto done;
 815        }
 816
 817        err = 0;
 818
 819        /* Update source addr of the socket */
 820        bacpy(src, conn->src);
 821
 822        l2cap_chan_add(conn, sk, NULL);
 823
 824        sk->sk_state = BT_CONNECT;
 825        l2cap_sock_set_timer(sk, sk->sk_sndtimeo);
 826
 827        if (hcon->state == BT_CONNECTED) {
 828                if (sk->sk_type != SOCK_SEQPACKET) {
 829                        l2cap_sock_clear_timer(sk);
 830                        sk->sk_state = BT_CONNECTED;
 831                } else
 832                        l2cap_do_start(sk);
 833        }
 834
 835done:
 836        hci_dev_unlock_bh(hdev);
 837        hci_dev_put(hdev);
Show full sources