
[bluetooth-dev] Possible cause for crash?



In btd.c, first the physical serial dev's line discipline is set with set_bt_line_disc(), then the stack is initialized with init_stack(). The first function enables calling hci_receive_data() every time something is received from the serial device. If something arrives after set_bt_line_disc() but before init_stack(), hci_receive_data() is called with HCI uninitialized. This may have bad effects: if the data are a valid event packet, a wait queue could be woken up before it is initialized with init_waitqueue_head().

Do you think this is dangerous? Or does something already prevent this from happening?
---------------------------------------------------------
Fabrizio Gennari          tel. +39 039 203 7816
Philips Research Monza    fax. +39 039 203 7800
via G. Casati 23          fabrizio.gennari@xxxxxxx.com
20052 Monza (MI) Italy    http://www.research.philips.com
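
The ordering question raised in the message above, as an added user-space C model. It is not code from btd.c or the stack; `stack_model`, `stack_init`, `rx_unguarded`, `rx_guarded` and `replay_early_rx` are hypothetical names. It replays input that arrives before initialization, once with the receive path as described and once with a readiness check that drops early input.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* User-space model only; every name here is hypothetical. */
struct stack_model {
    atomic_bool ready;     /* published last, once init is complete */
    bool wq_initialized;   /* stands in for init_waitqueue_head() having run */
    int wakeups;           /* wake-ups on an initialized queue */
    int bad_wakeups;       /* wake-ups attempted on an uninitialized queue */
    int dropped;           /* bytes discarded because the stack was not ready */
};

static void stack_init(struct stack_model *s)
{
    s->wq_initialized = true;
    /* Release store: a receiver that sees ready == true also sees the init. */
    atomic_store_explicit(&s->ready, true, memory_order_release);
}

/* Receive path with no readiness check, as the message describes it. */
static void rx_unguarded(struct stack_model *s, size_t len)
{
    if (len == 0)
        return;
    if (s->wq_initialized) s->wakeups++; else s->bad_wakeups++;
}

/* Guarded receive path: input is dropped until init has been published. */
static void rx_guarded(struct stack_model *s, size_t len)
{
    if (!atomic_load_explicit(&s->ready, memory_order_acquire)) {
        s->dropped += (int)len;
        return;
    }
    rx_unguarded(s, len);
}

/* Replays: receive enabled, 3 constructed bytes arrive, init, 3 more arrive. */
static void replay_early_rx(struct stack_model *s, bool guarded)
{
    memset(s, 0, sizeof *s);
    atomic_init(&s->ready, false);
    if (guarded) rx_guarded(s, 3); else rx_unguarded(s, 3);
    stack_init(s);
    if (guarded) rx_guarded(s, 3); else rx_unguarded(s, 3);
}

int main(void)
{
    struct stack_model s;
    replay_early_rx(&s, false);
    printf("unguarded: bad=%d ok=%d dropped=%d\n", s.bad_wakeups, s.wakeups, s.dropped);
    replay_early_rx(&s, true);
    printf("guarded:   bad=%d ok=%d dropped=%d\n", s.bad_wakeups, s.wakeups, s.dropped);
    return 0;
}
```

Initializing before the receive callback is enabled removes the window entirely; the readiness flag is the alternative when the attach order cannot change.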