Bluetooth: Fix dereferencing conn variable before NULL check This patch fixes the following type of static analyzer warning (and probably a real bug as well as the NULL check should be there for a reason): net/bluetooth/smp.c:1182 smp_conn_security() warn: variable dereferenced before check 'conn' (see line 1174) Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

commit: c68b7f127d5f517c214e8bcf231d0188f6776d2a [log] [tgz]
author: Johan Hedberg <johan.hedberg@intel.com> Sat Sep 06 06:59:10 2014 +0300
committer: Marcel Holtmann <marcel@holtmann.org> Mon Sep 08 19:07:57 2014 +0200
tree: 586ab7b881e121d59a68340225e6e7f70dc5e07a
parent: 9f06a8d623b2c3aea09292b844e329fbfb401231 [diff] [blame]
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 1201670..560f78a 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c

@@ -1210,7 +1210,7 @@
 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
 {
 	struct l2cap_conn *conn = hcon->l2cap_data;
-	struct l2cap_chan *chan = conn->smp;
+	struct l2cap_chan *chan;
 	struct smp_chan *smp;
 	__u8 authreq;
 	int ret;
@@ -1221,6 +1221,8 @@
 	if (!conn)
 		return 1;
 
+	chan = conn->smp;
+
 	if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
 		return 1;
commit	c68b7f127d5f517c214e8bcf231d0188f6776d2a	[log] [tgz]
author	Johan Hedberg <johan.hedberg@intel.com>	Sat Sep 06 06:59:10 2014 +0300
committer	Marcel Holtmann <marcel@holtmann.org>	Mon Sep 08 19:07:57 2014 +0200
tree	586ab7b881e121d59a68340225e6e7f70dc5e07a
parent	9f06a8d623b2c3aea09292b844e329fbfb401231 [diff] [blame]