tipc: deal with return value of tipc_conn_new callback
authorYing Xue <ying.xue@windriver.com>
Mon, 4 May 2015 02:36:48 +0000 (10:36 +0800)
committerDavid S. Miller <davem@davemloft.net>
Mon, 4 May 2015 19:04:01 +0000 (15:04 -0400)
Once tipc_conn_new() returns NULL, the connection should be shut
down immediately, otherwise, oops may happen due to the NULL pointer.

Signed-off-by: Ying Xue <ying.xue@windriver.com>
Reviewed-by: Jon Maloy <jon.maloy@ericson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/tipc/server.c

index 77ff03ed1e18d13224f086c2315d7123cc931123..a91a2f79209ab19b38829aa106ff56d8e58e5520 100644 (file)
@@ -309,6 +309,10 @@ static int tipc_accept_from_sock(struct tipc_conn *con)
 
        /* Notify that new connection is incoming */
        newcon->usr_data = s->tipc_conn_new(newcon->conid);
+       if (!newcon->usr_data) {
+               sock_release(newsock);
+               return -ENOMEM;
+       }
 
        /* Wake up receive process in case of 'SYN+' message */
        newsock->sk->sk_data_ready(newsock->sk);