Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bluetooth: Never deallocate a session when some DLC points to it
Fix a bug introduced in commit 9cf5b0e: function rfcomm_recv_ua calls rfcomm_session_put without checking that the session is not referenced by some DLC. If the session is freed, that DLC would refer to deallocated memory, causing an oops later, as shown in this bug report: https://bugzilla.kernel.org/show_bug.cgi?id=15994 Signed-off-by: Lukas Turek <8an@praha12.net> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
- Loading branch information