From 6d85bd5a84512349580a760e11d1907eff7f1229 Mon Sep 17 00:00:00 2001
From: Mariusz Skamra
Date: Wed, 20 Jul 2022 16:25:44 +0200
Subject: [PATCH] Bluetooth: gatt: Fix potential NULL pointer dereference

If the device was not paired, the conn->le.keys is NULL, so conn->le.keys will cause NULL pointer dereference.

Signed-off-by: Mariusz Skamra
---
 subsys/bluetooth/host/gatt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/subsys/bluetooth/host/gatt.c b/subsys/bluetooth/host/gatt.c
index a312253457b4..eacb520bae22 100644
--- a/subsys/bluetooth/host/gatt.c
+++ b/subsys/bluetooth/host/gatt.c
@@ -2877,7 +2877,7 @@ uint8_t bt_gatt_check_perm(struct bt_conn *conn, const struct bt_gatt_attr *attr
 mask &= attr->perm;
 if (mask & BT_GATT_PERM_LESC_MASK) {
- if (!IS_ENABLED(CONFIG_BT_SMP) ||
+ if (!IS_ENABLED(CONFIG_BT_SMP) || !conn->le.keys ||
 (conn->le.keys->flags & BT_KEYS_SC) == 0) {
 return BT_ATT_ERR_AUTHENTICATION;
 }
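Review bot: The added `!conn->le.keys` test in the LESC branch has no comment saying why a NULL key pointer is rejected rather than skipped. Because this is a permission check, it is worth recording that an unpaired link fails closed with BT_ATT_ERR_AUTHENTICATION. A comment above the condition such as `/* keys is NULL until the peer has paired; treat that as not meeting the LESC requirement */` would do. The rest of bt_gatt_check_perm lies outside the hunk, so any other reads of conn->le.keys in it are not visible here and would need the same guard if they exist.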