Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

nfc: fix potential illegal memory access

The frags_q is not properly initialized, it may result in illegal memory
access when conn_info is NULL.
The "goto free_exit" should be replaced by "goto exit".

Signed-off-by: Yang Wei <albin_yang@163.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Authored by Yang Wei and committed by David S. Miller
dd006fc4 4993e5b3

+1 -1
net/nfc/nci/data.c
··· 107 107 conn_info = nci_get_conn_info_by_conn_id(ndev, conn_id); 108 108 if (!conn_info) { 109 109 rc = -EPROTO; 110 - goto free_exit; 110 + goto exit; 111 111 } 112 112 113 113 __skb_queue_head_init(&frags_q);
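
Review bot: The `!conn_info` branch at line 110 still sits above `__skb_queue_head_init(&frags_q);` at line 113, so the ordering stays fragile even with `goto exit`: any early-exit path later added above line 113 that jumps to `free_exit` would again reach the cleanup with an uninitialized queue, which is the condition the commit message describes. Consider moving `__skb_queue_head_init(&frags_q);` above the `nci_get_conn_info_by_conn_id()` call so the cleanup label is safe from every jump, or add a short comment at the branch explaining why it must use `exit`. The message as shown also carries no `Fixes:` tag; naming the commit that introduced the `conn_info` check would help stable maintainers judge which trees need the backport.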