caif: Plug memory leak for checksum error

In case of checksum error, the framing layer returns -EILSEQ, but does not free the packet. Plug this hole by freeing the packet if -EILSEQ is returned. Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net>

caif: Plug memory leak for checksum error
In case of checksum error, the framing layer returns -EILSEQ, but does not free the packet. Plug this hole by freeing the packet if -EILSEQ is returned. Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net>
69c867c9 · sjur.brandeland@stericsson.com · David S. Miller · 138eded8 · 69c867c9
Commit 69c867c9 authored May 22, 2011 by sjur.brandeland@stericsson.com Committed by David S. Miller May 22, 2011
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 1 deletion

net/caif/caif_dev.c net/caif/caif_dev.c +6 -1

No files found.
--- a/net/caif/caif_dev.c
+++ b/net/caif/caif_dev.c
@@ -142,6 +142,7 @@ static int receive(struct sk_buff *skb, struct net_device *dev,
 {
 	struct cfpkt *pkt;
 	struct caif_device_entry *caifd;
+	int err;

 	pkt = cfpkt_fromnative(CAIF_DIR_IN, skb);

@@ -159,7 +160,11 @@ static int receive(struct sk_buff *skb, struct net_device *dev,
 	caifd_hold(caifd);
 	rcu_read_unlock();

-	caifd->layer.up->receive(caifd->layer.up, pkt);
+	err = caifd->layer.up->receive(caifd->layer.up, pkt);
+
+	/* For -EILSEQ the packet is not freed so so it now */
+	if (err == -EILSEQ)
+		cfpkt_destroy(pkt);

 	/* Release reference to stack upwards */
 	caifd_put(caifd);