[Bluetooth] Fix L2CAP and HCI setsockopt() information leaks (CVE-2007-1353)

[Bluetooth] Fix L2CAP and HCI setsockopt() information leaks (CVE-2007-1353)

Problem reported by Ilja van Sprundel. Assigned CVE-2007-1353.
Fix below from Marcel Holtmann, backported to 2.4.

The L2CAP and HCI setsockopt() implementations have a small information
leak that makes it possible to leak kernel stack memory to userspace.

If the optlen parameter is 0, no data will be copied by copy_from_user(),
but the uninitialized stack buffer will be read and stored later. A call
to getsockopt() can now retrieve the leaked information.

To fix this problem the stack buffer given to copy_from_user() must be
initialized with the current settings.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>