bluetooth/rfcomm: fix ODEBUG bug in rfcomm_dev_ioctl

Message ID 1583589488-22450-1-git-send-email-hqjagain@gmail.com
State New
Headers show
Series
  • bluetooth/rfcomm: fix ODEBUG bug in rfcomm_dev_ioctl
Related show

Commit Message

Qiujun Huang March 7, 2020, 1:58 p.m.
Needn't call 'rfcomm_dlc_put' here, because 'rfcomm_dlc_exists' didn't
increase dlc->refcnt.

Reported-by: syzbot+4496e82090657320efc6@syzkaller.appspotmail.com
Signed-off-by: Qiujun Huang <hqjagain@gmail.com>
---
 net/bluetooth/rfcomm/tty.c | 1 -
 1 file changed, 1 deletion(-)

Patch

diff --git a/net/bluetooth/rfcomm/tty.c b/net/bluetooth/rfcomm/tty.c
index 0c7d31c..ea2a1df0 100644
--- a/net/bluetooth/rfcomm/tty.c
+++ b/net/bluetooth/rfcomm/tty.c
@@ -414,7 +414,6 @@  static int __rfcomm_create_dev(struct sock *sk, void __user *arg)
 		if (IS_ERR(dlc))
 			return PTR_ERR(dlc);
 		else if (dlc) {
-			rfcomm_dlc_put(dlc);
 			return -EBUSY;
 		}
 		dlc = rfcomm_dlc_alloc(GFP_KERNEL);