Bluetooth: Fix possible NULL dereference in hci_uart_tty_receive
authorChan-yeol Park <chanyeol.park@samsung.com>
Tue, 2 Apr 2013 12:24:22 +0000 (21:24 +0900)
committerJohan Hedberg <johan.hedberg@intel.com>
Thu, 4 Apr 2013 09:36:00 +0000 (12:36 +0300)
This patch adds a NULL check for the HCI UART ldisc driver because some
of HCI UART drivers allow hci_uart_tty_receive function to be called
even though the HCI device hasn't been registered yet.

Signed-off-by: Chan-yeol Park <chanyeol.park@samsung.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
drivers/bluetooth/hci_ldisc.c

index ed0fade..d710d8b 100644 (file)
@@ -388,7 +388,10 @@ static void hci_uart_tty_receive(struct tty_struct *tty, const u8 *data, char *f
 
        spin_lock(&hu->rx_lock);
        hu->proto->recv(hu, (void *) data, count);
-       hu->hdev->stat.byte_rx += count;
+
+       if (hu->hdev)
+               hu->hdev->stat.byte_rx += count;
+
        spin_unlock(&hu->rx_lock);
 
        tty_unthrottle(tty);