In rawsock_connect, the device is allocated by calling nfc_get_device.
In case of incorrect bounds index, the device should be freed by
calling nfc_put_device. The patch fixes this issue.
Signed-off-by: Aditya Pakki <[email protected]>
---
net/nfc/rawsock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/nfc/rawsock.c b/net/nfc/rawsock.c
index ba5ffd3badd3..4f0f0ea4c009 100644
--- a/net/nfc/rawsock.c
+++ b/net/nfc/rawsock.c
@@ -105,7 +105,7 @@ static int rawsock_connect(struct socket *sock, struct sockaddr *_addr,
if (addr->target_idx > dev->target_next_idx - 1 ||
addr->target_idx < dev->target_next_idx - dev->n_targets) {
rc = -EINVAL;
- goto error;
+ goto put_dev;
}
rc = nfc_activate_target(dev, addr->target_idx, addr->nfc_protocol);
--
2.25.1
On Fri, Jun 12, 2020 at 03:37:43PM -0500, Aditya Pakki wrote:
> In rawsock_connect, the device is allocated by calling nfc_get_device.
> In case of incorrect bounds index, the device should be freed by
> calling nfc_put_device. The patch fixes this issue.
Hi Aditya
Putting nfc in the Subject: would of been nice.
People are more likely to review your patch if they can easily spot it
modifies some core they are interested in. The name of the driver, or
the subsystem in net/ is something that people look out for.
You might also want to read the netdev FAQ.
Andrew