| Message ID | 20200612203745.58304-1-pakki001@umn.edu |
|---|---|
| State | New |
| Headers | show |
| Series | net: Fix a potential incorrect error handling in rawsock_connect | expand |
diff --git a/net/nfc/rawsock.c b/net/nfc/rawsock.c index ba5ffd3badd3..4f0f0ea4c009 100644 --- a/net/nfc/rawsock.c +++ b/net/nfc/rawsock.c @@ -105,7 +105,7 @@ static int rawsock_connect(struct socket *sock, struct sockaddr *_addr, if (addr->target_idx > dev->target_next_idx - 1 || addr->target_idx < dev->target_next_idx - dev->n_targets) { rc = -EINVAL; - goto error; + goto put_dev; } rc = nfc_activate_target(dev, addr->target_idx, addr->nfc_protocol);
In rawsock_connect, the device is allocated by calling nfc_get_device. In case of incorrect bounds index, the device should be freed by calling nfc_put_device. The patch fixes this issue. Signed-off-by: Aditya Pakki <pakki001@umn.edu> --- net/nfc/rawsock.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)