Skip to content

Commit

Permalink
caif: Plug memory leak for checksum error
Browse files Browse the repository at this point in the history 
In case of checksum error, the framing layer returns -EILSEQ, but
does not free the packet. Plug this hole by freeing the packet if
-EILSEQ is returned.

Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
sjur.brandeland@stericsson.com authored and David S. Miller committed May 23, 2011
1 parent 138eded commit 69c867c
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion net/caif/caif_dev.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -142,6 +142,7 @@ static int receive(struct sk_buff *skb, struct net_device *dev,
{
struct cfpkt *pkt;
struct caif_device_entry *caifd;
int err;

pkt = cfpkt_fromnative(CAIF_DIR_IN, skb);

Expand All @@ -159,7 +160,11 @@ static int receive(struct sk_buff *skb, struct net_device *dev,
caifd_hold(caifd);
rcu_read_unlock();

caifd->layer.up->receive(caifd->layer.up, pkt);
err = caifd->layer.up->receive(caifd->layer.up, pkt);

/* For -EILSEQ the packet is not freed so so it now */
if (err == -EILSEQ)
cfpkt_destroy(pkt);

/* Release reference to stack upwards */
caifd_put(caifd);
Expand Down

0 comments on commit 69c867c

Please sign in to comment.