Commit 94d5f085 authored by Erik Brockhoff Committed by Carles Cufi

Bluetooth: controller: fixing error re. all zero chmap in conn-ind



When a connect indication contains a channel map of all zeros,
adv->conn is left set to NULL after the return, and the next connect
attempt leads to a crash.

This was identified via the Sweyntooth test suite executing the script
re. issue 6.14 towards an Oticon target.

Signed-off-by: Erik Brockhoff <erbr@oticon.com>
parent b2be8044
+3 −2
@@ -67,8 +67,6 @@ void ull_slave_setup(memq_link_t *link, struct node_rx_hdr *rx,
	uint16_t interval;
	uint8_t chan_sel;

	((struct lll_adv *)ftr->param)->conn = NULL;

	adv = ((struct lll_adv *)ftr->param)->hdr.parent;
	conn = lll->hdr.parent;

@@ -87,6 +85,9 @@ void ull_slave_setup(memq_link_t *link, struct node_rx_hdr *rx,
	if ((lll->data_chan_hop < 5) || (lll->data_chan_hop > 16)) {
		return;
	}

	((struct lll_adv *)ftr->param)->conn = NULL;

	interval = sys_le16_to_cpu(pdu_adv->connect_ind.interval);
	lll->interval = interval;
	lll->latency = sys_le16_to_cpu(pdu_adv->connect_ind.latency);
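Review bot: Nothing at the relocated `((struct lll_adv *)ftr->param)->conn = NULL;` in the second hunk records that it has to stay below every early return. A validation check added after it later, or one already present further down in the function (not visible here), would bring back the NULL `conn` that the next CONNECT_IND crashes on. Because these PDU fields come from an unauthenticated peer, I would add a comment above the line, e.g. `/* Detach conn from the advertiser only once CONNECT_IND has passed validation; on an early return it must stay attached for the next attempt. */`. The visible `data_chan_hop` check returns without any cleanup in this hunk, so it is also worth confirming that the rx node is released on that path. `ull_slave_setup` begins above the first hunk and continues past the second.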