Bluetooth: Fix to avoid NULL pointer dereferences
This fix avoids NULL pointer dereferences:
- Added check for state checking in btm_remove_acl function
to avoid sending disconnect command if already in Disconnecting
state.
- Added NULL check for 'pin_code' in btif_dm_pin_reply function
- Null check before accessing in BD interface layer configuration
node variables.
- Add NULL check before accessing p_bd_addr variable to avoid null
pointer exception while referring to invalid memory.
Change-Id: Ib7ed45b6a1692785a45224d739a564f767e5b10f
diff --git a/btif/src/btif_dm.c b/btif/src/btif_dm.c
index d3cc5f8..9f1caef 100644
--- a/btif/src/btif_dm.c
+++ b/btif/src/btif_dm.c
@@ -2059,6 +2059,8 @@
uint8_t pin_len, bt_pin_code_t *pin_code)
{
BTIF_TRACE_EVENT("%s: accept=%d", __FUNCTION__, accept);
+ if (pin_code == NULL)
+ return BT_STATUS_FAIL;
#if (defined(BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
if (pairing_cb.is_le_only)
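Review bot: The new `pin_code == NULL` check right after the BTIF_TRACE_EVENT line returns BT_STATUS_FAIL whatever the value of `accept`, so a caller that rejects the pairing (accept == 0) and passes no PIN now gets a failure and the reject is never sent. If a NULL `pin_code` is valid on the reject path, gate the check on it, for example `if (accept && pin_code == NULL)`. The early return is also silent: the trace above it logs only `accept`, so a log line on the failure path (stating that pin_code was NULL) would make this case visible in field logs. Since the check sits above the `#if BLE_INCLUDED` block, it also applies to the `pairing_cb.is_le_only` branch; please confirm that branch actually reads `pin_code`, otherwise the check could move down to where the pointer is first dereferenced. `pin_len` is still accepted without any bound check in the visible lines; if it is later used as a copy length from `pin_code`, it deserves validation in the same place.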