From cf33d63af841d2f43d7b2ae8f2995c607cc88a49 Mon Sep 17 00:00:00 2001
From: Hansong Zhang <hsz@google.com>
Date: Tue, 29 May 2018 17:35:01 -0700
Subject: [PATCH] DO NOT MERGE SMP: Check p_cb->role in
 smp_br_state_machine_event

Bug: 80145946
Test: manual
Change-Id: Ic83eaa4be868d5a345d80cd50a6915c0af719a53
---
 stack/smp/smp_l2c.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/stack/smp/smp_l2c.c b/stack/smp/smp_l2c.c
index 6f97742c5..5d1ad0af3 100644
--- a/stack/smp/smp_l2c.c
+++ b/stack/smp/smp_l2c.c
@@ -29,7 +29,7 @@
 #include <string.h>
 #include "btm_ble_api.h"
 #include "l2c_api.h"
-
+#include "log/log.h"
 #include "smp_int.h"
 
 
@@ -261,6 +261,12 @@ static void smp_br_connect_callback(UINT16 channel, BD_ADDR bd_addr, BOOLEAN con
                      (bd_addr[4]<<8)+bd_addr[5],
                      (connected) ? "connected" : "disconnected");
 
+    if (p_cb->role > HCI_ROLE_SLAVE) {
+        SMP_TRACE_ERROR ("%s: invalid role %d", __func__, p_cb->role);
+        android_errorWriteLog(0x534e4554, "80145946");
+        return;
+    }
+
     if (connected)
     {
         if(!p_cb->connect_initialized)
-- 
2.11.0