Bluetooth: HCI: Fix potential null-ptr-deref

[ Upstream commit d2706004a1b8b526592e823d7e52551b518a7941 ]

Fix potential null-ptr-deref in hci_le_big_sync_established_evt().

Fixes: f777d8827817 (Bluetooth: ISO: Notify user space about failed bis connections)
Signed-off-by: Sungwoo Kim <iam@sung-woo.kim>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 9d1063c51ed29489b88a98260897132890026b20..0f56ad33801e3699cd0b9ab53016f57c977909d8 100644 (file)
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -7181,6 +7181,8 @@ static void hci_le_big_sync_established_evt(struct hci_dev *hdev, void *data,
                        u16 handle = le16_to_cpu(ev->bis[i]);
 
                        bis = hci_conn_hash_lookup_handle(hdev, handle);
+                       if (!bis)
+                               continue;
 
                        set_bit(HCI_CONN_BIG_SYNC_FAILED, &bis->flags);
                        hci_connect_cfm(bis, ev->status);