net/netrom: Fix socket locking

Patch "af_rose/x25: Sanity check the maximum user frame size" (commit 83e0bbcb) from Alan Cox got locking wrong. If we bail out due to user frame size being too large, we must unlock the socket beforehand. Signed-off-by: N Jean Delvare <jdelvare@suse.de> Signed-off-by: N David S. Miller <davem@davemloft.net>

net/netrom: Fix socket locking
Patch "af_rose/x25: Sanity check the maximum user frame size" (commit 83e0bbcb) from Alan Cox got locking wrong. If we bail out due to user frame size being too large, we must unlock the socket beforehand. Signed-off-by: N Jean Delvare <jdelvare@suse.de> Signed-off-by: N David S. Miller <davem@davemloft.net>
cc29c70d · Jean Delvare · David S. Miller · 50b2ff1b · cc29c70d
显示空白变更内容
内联并排

Showing with 4 addition and 2 deletion

net/netrom/af_netrom.c net/netrom/af_netrom.c +4 -2

未找到文件。
--- a/net/netrom/af_netrom.c
+++ b/net/netrom/af_netrom.c
@@ -1084,8 +1084,10 @@ static int nr_sendmsg(struct kiocb *iocb, struct socket *sock,

 	/* Build a packet - the conventional user limit is 236 bytes. We can
 	   do ludicrously large NetROM frames but must not overflow */
-	if (len > 65536)
-		return -EMSGSIZE;
+	if (len > 65536) {
+		err = -EMSGSIZE;
+		goto out;
+	}

 	SOCK_DEBUG(sk, "NET/ROM: sendto: building packet.\n");
 	size = len + NR_NETWORK_LEN + NR_TRANSPORT_LEN;