Bluetooth: sco: prevent information leak in sco_conn_defer_accept()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Smatch complains that some of these struct members are not initialized
leading to a stack information disclosure:

net/bluetooth/sco.c:778 sco_conn_defer_accept() warn:
check that 'cp.retrans_effort' doesn't leak information

This seems like a valid warning. I've added a default case to fix
this issue.

Fixes: 2f69a82acf6f ("Bluetooth: Use voice setting in deferred SCO connection request")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

authored by

Dan Carpenter and committed by

Marcel Holtmann 4 years ago 59da0b38 2cdff8ca

1 changed file

expand all

net

bluetooth

sco.c

net/bluetooth/sco.c

··· 773 773 cp.max_latency = cpu_to_le16(0xffff); 774 774 cp.retrans_effort = 0xff; 775 775 break; 776 + default: 777 + /* use CVSD settings as fallback */ 778 + cp.max_latency = cpu_to_le16(0xffff); 779 + cp.retrans_effort = 0xff; 780 + break; 776 781 } 777 782 778 783 hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,