Commit 053c7e0c authored by Johan Hedberg's avatar Johan Hedberg

Bluetooth: Fix device_found event length for remote name resolving

The correct length of the event is the size of the ev struct (not size
of the pointer like the code was previously using) plus the length of
the variable-sized EIR data at the end of the struct.
Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
Acked-by: default avatarMarcel Holtmann <marcel@holtmann.org>
parent e8777525
...@@ -2964,7 +2964,8 @@ int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type, ...@@ -2964,7 +2964,8 @@ int mgmt_remote_name(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 link_type,
put_unaligned_le16(eir_len, &ev->eir_len); put_unaligned_le16(eir_len, &ev->eir_len);
return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, &ev, sizeof(ev), NULL); return mgmt_event(MGMT_EV_DEVICE_FOUND, hdev, ev,
sizeof(*ev) + eir_len, NULL);
} }
int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status) int mgmt_start_discovery_failed(struct hci_dev *hdev, u8 status)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment