This patch tries to fix an issue reported in net/ipv4/udp.c by
Coverity, please review and apply if correct.
Error reported:
CID: 2623
Checker: USE_AFTER_FREE
File: net/ipv4/udp.c
Function: udp_recvmsg
Description: Dereferencing freed pointer "skb" in call to function
"skb_free_datagram"
Patch Description:
The kfree_skb(skb) call seems unnecessary as the skb_free_datagram
after that will free the skb. This patch removes the clear flag and
call to kfree_skb()
Signed-off-by: Jayachandran C. <c.jayachandran at gmail.com>
---
udp.c | 4 ----
1 files changed, 4 deletions(-)
diff -ur linux-2.6.15-rc3-git1.clean/net/ipv4/udp.c
linux-2.6.15-rc3-git1/net/ipv4/udp.c
--- linux-2.6.15-rc3-git1.clean/net/ipv4/udp.c Wed Nov 30 21:55:27 2005
+++ linux-2.6.15-rc3-git1/net/ipv4/udp.c Thu Dec 1 05:23:40 2005
@@ -848,15 +848,11 @@
/* Clear queue. */
if (flags&MSG_PEEK) {
- int clear = 0;
spin_lock_bh(&sk->sk_receive_queue.lock);
if (skb == skb_peek(&sk->sk_receive_queue)) {
__skb_unlink(skb, &sk->sk_receive_queue);
- clear = 1;
}
spin_unlock_bh(&sk->sk_receive_queue.lock);
- if (clear)
- kfree_skb(skb);
}
skb_free_datagram(sk, skb);
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
