From: Vlad Yasevich Date: Wed, 23 May 2007 15:11:37 +0000 (-0400) Subject: [SCTP] Fix leak in sctp_getsockopt_local_addrs when copy_to_user fails X-Git-Tag: firefly_0821_release~28706^2^2~3 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=fe979ac169970b3d12facd6565766735862395c5;p=firefly-linux-kernel-4.4.55.git [SCTP] Fix leak in sctp_getsockopt_local_addrs when copy_to_user fails If the copy_to_user or copy_user calls fail in sctp_getsockopt_local_addrs(), the function should free locally allocated storage before returning error. Spotted by Coverity. Signed-off-by: Vlad Yasevich Acked-by: Sridhar Samudrala --- diff --git a/net/sctp/socket.c b/net/sctp/socket.c index a5b6e559451e..45510c46c223 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -4352,11 +4352,12 @@ copy_getaddrs: err = -EFAULT; goto error; } - if (put_user(cnt, &((struct sctp_getaddrs __user *)optval)->addr_num)) - return -EFAULT; + if (put_user(cnt, &((struct sctp_getaddrs __user *)optval)->addr_num)) { + err = -EFAULT; + goto error; + } if (put_user(bytes_copied, optlen)) - return -EFAULT; - + err = -EFAULT; error: kfree(addrs); return err;