aboutsummaryrefslogtreecommitdiffstats
path: root/net/bluetooth
diff options
context:
space:
mode:
authorJohann Felix Soden <johfel@users.sourceforge.net>2010-02-15 22:23:48 +0100
committerMarcel Holtmann <marcel@holtmann.org>2010-02-28 00:47:30 -0800
commitf6e623a65cb301088bd04794043e82bfc996c512 (patch)
treea21946f9190a137875071125c6125d5f8c14efbd /net/bluetooth
parent705e5711b61e9622b2d88850f38c219014aa0780 (diff)
downloadkernel_samsung_smdk4412-f6e623a65cb301088bd04794043e82bfc996c512.tar.gz
kernel_samsung_smdk4412-f6e623a65cb301088bd04794043e82bfc996c512.tar.bz2
kernel_samsung_smdk4412-f6e623a65cb301088bd04794043e82bfc996c512.zip
Bluetooth: Fix out of scope variable access in hci_sock_cmsg()
The pointer data can point to the variable ctv. Access to data happens when ctv is already out of scope. Signed-off-by: Johann Felix Soden <johfel@users.sourceforge.net> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'net/bluetooth')
-rw-r--r--net/bluetooth/hci_sock.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index 688cfebfbee..38f08f6b86f 100644
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -329,6 +329,9 @@ static inline void hci_sock_cmsg(struct sock *sk, struct msghdr *msg, struct sk_
}
if (mask & HCI_CMSG_TSTAMP) {
+#ifdef CONFIG_COMPAT
+ struct compat_timeval ctv;
+#endif
struct timeval tv;
void *data;
int len;
@@ -339,7 +342,6 @@ static inline void hci_sock_cmsg(struct sock *sk, struct msghdr *msg, struct sk_
len = sizeof(tv);
#ifdef CONFIG_COMPAT
if (msg->msg_flags & MSG_CMSG_COMPAT) {
- struct compat_timeval ctv;
ctv.tv_sec = tv.tv_sec;
ctv.tv_usec = tv.tv_usec;
data = &ctv;