diff options
author | Sasha Levin <levinsasha928@gmail.com> | 2012-06-06 23:02:55 +0200 |
---|---|---|
committer | John W. Linville <linville@tuxdriver.com> | 2012-06-08 19:47:07 +0200 |
commit | 58d1eab7ef1d7ff8e448699dfd1a21b7f3303296 (patch) | |
tree | 6221c2536b5283fadc7f64bd3e2ae57dfa50dfbc | |
parent | iwlwifi: disable the buggy chain extension feature in HW (diff) | |
download | linux-58d1eab7ef1d7ff8e448699dfd1a21b7f3303296.tar.xz linux-58d1eab7ef1d7ff8e448699dfd1a21b7f3303296.zip |
NFC: Fix possible NULL ptr deref when getting the name of a socket
llcp_sock_getname() might get called before the LLCP socket was created.
This condition isn't checked, and llcp_sock_getname will simply deref a
NULL ptr in that case.
This exists starting with d646960 ("NFC: Initial LLCP support").
Signed-off-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
-rw-r--r-- | net/nfc/llcp/sock.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/nfc/llcp/sock.c b/net/nfc/llcp/sock.c index 3f339b19d140..17a707db40eb 100644 --- a/net/nfc/llcp/sock.c +++ b/net/nfc/llcp/sock.c @@ -292,6 +292,9 @@ static int llcp_sock_getname(struct socket *sock, struct sockaddr *addr, pr_debug("%p\n", sk); + if (llcp_sock == NULL) + return -EBADFD; + addr->sa_family = AF_NFC; *len = sizeof(struct sockaddr_nfc_llcp); |