Bluetooth: Fix the potential crash issue

There is a logic error in the event function. We should
check the callback function's parameter before calling.

Change-Id: I06a4a8c50317e5ec4ae8fe35e4b788105e090196
Fixes: bde01c80dd51 ("Bluetooth: Set le data length command and event")
Signed-off-by: DoHyun Pyun <dh79.pyun@samsung.com>

diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 4adebfb..233e68a 100644 (file)
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -2008,11 +2008,11 @@ static void hci_le_data_length_changed_complete_evt(struct hci_dev *hdev,
                conn->tx_time = le16_to_cpu(ev->tx_time);
                conn->rx_len = le16_to_cpu(ev->rx_len);
                conn->rx_time = le16_to_cpu(ev->rx_time);
-       }
 
-       mgmt_le_data_length_change_complete(hdev, &conn->dst,
+               mgmt_le_data_length_change_complete(hdev, &conn->dst,
                                            conn->tx_len, conn->tx_time,
                                            conn->rx_len, conn->rx_time);
+       }
 
        hci_dev_unlock(hdev);
 }