[2.6 patch] net/llc/llc_conn.c: fix possible NULL dereference

From: Eugene Teo
Date: Sat May 19 2007 - 01:15:29 EST


skb_peek() might return an empty list. skb should be checked before calling
llc_pdu_sn_hdr() with it.

Spotted by the Coverity checker.

Signed-off-by: Eugene Teo <eteo@xxxxxxxxxx>

diff --git a/net/llc/llc_conn.c b/net/llc/llc_conn.c
index 3b8cfbe..28a3994 100644
--- a/net/llc/llc_conn.c
+++ b/net/llc/llc_conn.c
@@ -323,7 +323,8 @@ int llc_conn_remove_acked_pdus(struct sock *sk, u8 nr, u16
*how_many_unacked)

if (!q_len)
goto out;
- skb = skb_peek(&llc->pdu_unack_q);
+ if (! (skb = skb_peek(&llc->pdu_unack_q)))
+ goto out;
pdu = llc_pdu_sn_hdr(skb);

/* finding position of last acked pdu in queue */

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/