[PATCH v2] Bluetooth: 6LoWPAN: Add missing check for skb_clone
From: Jiasheng Jiang
Date: Wed Mar 15 2023 - 03:06:48 EST
Add the check for the return value of skb_clone since it may return NULL
pointer and cause NULL pointer dereference in send_pkt.
Fixes: 18722c247023 ("Bluetooth: Enable 6LoWPAN support for BT LE devices")
Signed-off-by: Jiasheng Jiang <jiasheng@xxxxxxxxxxx>
---
Changelog:
v1 -> v2:
1. Modify the error handling in the loop.
---
net/bluetooth/6lowpan.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/net/bluetooth/6lowpan.c b/net/bluetooth/6lowpan.c
index 4eb1b3ced0d2..55ae2ff40efb 100644
--- a/net/bluetooth/6lowpan.c
+++ b/net/bluetooth/6lowpan.c
@@ -477,19 +477,25 @@ static int send_mcast_pkt(struct sk_buff *skb, struct net_device *netdev)
int ret;
local_skb = skb_clone(skb, GFP_ATOMIC);
+ if (!local_skb) {
+ err = -ENOMEM;
+ goto out;
+ }
BT_DBG("xmit %s to %pMR type %u IP %pI6c chan %p",
netdev->name,
&pentry->chan->dst, pentry->chan->dst_type,
&pentry->peer_addr, pentry->chan);
ret = send_pkt(pentry->chan, local_skb, netdev);
- if (ret < 0)
- err = ret;
-
kfree_skb(local_skb);
+ if (ret < 0) {
+ err = ret;
+ goto out;
+ }
}
}
+out:
rcu_read_unlock();
return err;
--
2.25.1