summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJean Delvare <jdelvare@suse.de>2009-04-22 11:49:51 +0400
committerDavid S. Miller <davem@davemloft.net>2009-04-22 11:49:51 +0400
commitcc29c70dd581f85ee7a3e7980fb031f90b90a2ab (patch)
treeb28331df9330eb6ba156bc9baeae966ff44196a1
parent50b2ff1bc47baacb8e9882b2b2a74b240ddbeecf (diff)
downloadlinux-cc29c70dd581f85ee7a3e7980fb031f90b90a2ab.tar.xz
net/netrom: Fix socket locking
Patch "af_rose/x25: Sanity check the maximum user frame size" (commit 83e0bbcbe2145f160fbaa109b0439dae7f4a38a9) from Alan Cox got locking wrong. If we bail out due to user frame size being too large, we must unlock the socket beforehand. Signed-off-by: Jean Delvare <jdelvare@suse.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/netrom/af_netrom.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c
index 4e705f87969f..3be0e016ab7d 100644
--- a/net/netrom/af_netrom.c
+++ b/net/netrom/af_netrom.c
@@ -1084,8 +1084,10 @@ static int nr_sendmsg(struct kiocb *iocb, struct socket *sock,
/* Build a packet - the conventional user limit is 236 bytes. We can
do ludicrously large NetROM frames but must not overflow */
- if (len > 65536)
- return -EMSGSIZE;
+ if (len > 65536) {
+ err = -EMSGSIZE;
+ goto out;
+ }
SOCK_DEBUG(sk, "NET/ROM: sendto: building packet.\n");
size = len + NR_NETWORK_LEN + NR_TRANSPORT_LEN;