Move the priv check before the malloc call for so_pcb.
In case attach fails because of the priv check we leaked the memory and left so_pcb as fodder for invariants. Reported by: Pawel Worach Reviewed by: rwatson
This commit is contained in:
Bjoern A. Zeeb
parent
12b3ebf5f5
commit
cf94a6a9ca
@ -387,18 +387,18 @@ key_attach(struct socket *so, int proto, struct thread *td)
|
||||
|
||||
KASSERT(so->so_pcb == NULL, ("key_attach: so_pcb != NULL"));
|
||||
|
||||
if (td != NULL) {
|
||||
error = priv_check(td, PRIV_NET_RAW);
|
||||
if (error)
|
||||
return error;
|
||||
}
|
||||
|
||||
/* XXX */
|
||||
MALLOC(kp, struct keycb *, sizeof *kp, M_PCB, M_WAITOK | M_ZERO);
|
||||
if (kp == 0)
|
||||
return ENOBUFS;
|
||||
|
||||
so->so_pcb = (caddr_t)kp;
|
||||
|
||||
if (td != NULL) {
|
||||
error = priv_check(td, PRIV_NET_RAW);
|
||||
if (error)
|
||||
return error;
|
||||
}
|
||||
error = raw_attach(so, proto);
|
||||
kp = (struct keycb *)sotorawcb(so);
|
||||
if (error) {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user