summaryrefslogtreecommitdiff
path: root/net/caif/caif_dev.c
diff options
context:
space:
mode:
authorsjur.brandeland@stericsson.com <sjur.brandeland@stericsson.com>2011-05-22 11:18:54 +0000
committerDavid S. Miller <davem@davemloft.net>2011-05-22 20:11:49 -0400
commit69c867c90c7fe0773d9aa4e8bbf777f574be13d2 (patch)
treeb67c6269246eb32f6826d590ed6067c5ab87e9a2 /net/caif/caif_dev.c
parent138eded8ba1227261a297b32b7940664c14d193e (diff)
caif: Plug memory leak for checksum error
In case of checksum error, the framing layer returns -EILSEQ, but does not free the packet. Plug this hole by freeing the packet if -EILSEQ is returned. Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/caif/caif_dev.c')
-rw-r--r--net/caif/caif_dev.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/net/caif/caif_dev.c b/net/caif/caif_dev.c
index 366ca0fb7a29..682c0fedf360 100644
--- a/net/caif/caif_dev.c
+++ b/net/caif/caif_dev.c
@@ -142,6 +142,7 @@ static int receive(struct sk_buff *skb, struct net_device *dev,
{
struct cfpkt *pkt;
struct caif_device_entry *caifd;
+ int err;
pkt = cfpkt_fromnative(CAIF_DIR_IN, skb);
@@ -159,7 +160,11 @@ static int receive(struct sk_buff *skb, struct net_device *dev,
caifd_hold(caifd);
rcu_read_unlock();
- caifd->layer.up->receive(caifd->layer.up, pkt);
+ err = caifd->layer.up->receive(caifd->layer.up, pkt);
+
+ /* For -EILSEQ the packet is not freed so so it now */
+ if (err == -EILSEQ)
+ cfpkt_destroy(pkt);
/* Release reference to stack upwards */
caifd_put(caifd);