Commit 88a94b54 authored by Aditya Pakki's avatar Aditya Pakki Committed by Ziyang Xuan
Browse files

nfc: Fix to check for kmemdup failure 

mainline inclusion
from mainline-v5.1-rc3
commit d7737d42
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I7NLJR
CVE: CVE-2023-3863

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d7737d4257459ca8921ff911c88937be1a11ea9d



---------------------------

In case of kmemdup failure while setting the service name the patch
returns -ENOMEM upstream for processing.

Signed-off-by: default avatarAditya Pakki <pakki001@umn.edu>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
Conflicts:
	net/nfc/llcp_sock.c
Signed-off-by: default avatarZiyang Xuan <william.xuanziyang@huawei.com>
parent 7f325203

net/nfc/llcp_sock.c

+9 −4
Original line number Diff line number Diff line
@@ -743,6 +743,10 @@ static int llcp_sock_connect(struct socket *sock, struct sockaddr *_addr, 
	llcp_sock->service_name = kmemdup(addr->service_name,

					  llcp_sock->service_name_len,

					  GFP_KERNEL);

	if (!llcp_sock->service_name) {

		ret = -ENOMEM;

		goto sock_llcp_release;

	}



	nfc_llcp_sock_link(&local->connecting_sockets, sk);
@@ -762,14 +766,15 @@ static int llcp_sock_connect(struct socket *sock, struct sockaddr *_addr, 
	return ret;



sock_unlink:

	nfc_llcp_put_ssap(local, llcp_sock->ssap);

	nfc_llcp_local_put(llcp_sock->local);

	llcp_sock->local = NULL;



	nfc_llcp_sock_unlink(&local->connecting_sockets, sk);

	kfree(llcp_sock->service_name);

	llcp_sock->service_name = NULL;



sock_llcp_release:

	nfc_llcp_put_ssap(local, llcp_sock->ssap);

	nfc_llcp_local_put(llcp_sock->local);

	llcp_sock->local = NULL;



put_dev:

	nfc_put_device(dev);