blob: 6dbbd1e55bd37485bf203008ba3753846f4740aa [file] [log] [blame]
From df5b6025d1a9e2e61dde1fd28257082751264c07 Mon Sep 17 00:00:00 2001
From: Jean Delvare <jdelvare@suse.de>
Date: Wed, 22 Apr 2009 00:49:51 -0700
Subject: net/netrom: Fix socket locking
From: Jean Delvare <jdelvare@suse.de>
upstream commit: cc29c70dd581f85ee7a3e7980fb031f90b90a2ab
Patch "af_rose/x25: Sanity check the maximum user frame size"
(commit 83e0bbcbe2145f160fbaa109b0439dae7f4a38a9) from Alan Cox got
locking wrong. If we bail out due to user frame size being too large,
we must unlock the socket beforehand.
Signed-off-by: Jean Delvare <jdelvare@suse.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
net/netrom/af_netrom.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
--- a/net/netrom/af_netrom.c
+++ b/net/netrom/af_netrom.c
@@ -1084,8 +1084,10 @@ static int nr_sendmsg(struct kiocb *iocb
/* Build a packet - the conventional user limit is 236 bytes. We can
do ludicrously large NetROM frames but must not overflow */
- if (len > 65536)
- return -EMSGSIZE;
+ if (len > 65536) {
+ err = -EMSGSIZE;
+ goto out;
+ }
SOCK_DEBUG(sk, "NET/ROM: sendto: building packet.\n");
size = len + NR_NETWORK_LEN + NR_TRANSPORT_LEN;