* [PATCH] crypto/chtls: Fix double free in chtls_pass_accept_request()
@ 2020-08-24 8:59 Dan Carpenter
0 siblings, 0 replies; only message in thread
From: Dan Carpenter @ 2020-08-24 8:59 UTC (permalink / raw)
To: Ayush Sawal
Cc: Vinay Kumar Yadav, Rohit Maheshwari, Herbert Xu, David S. Miller,
Florian Westphal, Eric Dumazet, Shahjada Abul Husain,
linux-crypto, kernel-janitors
The chtls_recv_sock() function frees "oreq" so the free here is a double
free.
Fixes: 6abde0b24122 ("crypto/chtls: IPv6 support for inline TLS")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
---
drivers/crypto/chelsio/chtls/chtls_cm.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/crypto/chelsio/chtls/chtls_cm.c b/drivers/crypto/chelsio/chtls/chtls_cm.c
index 05520dccd906..140342024bd1 100644
--- a/drivers/crypto/chelsio/chtls/chtls_cm.c
+++ b/drivers/crypto/chelsio/chtls/chtls_cm.c
@@ -1381,7 +1381,7 @@ static void chtls_pass_accept_request(struct sock *sk,
newsk = chtls_recv_sock(sk, oreq, network_hdr, req, cdev);
if (!newsk)
- goto free_oreq;
+ goto reject;
if (chtls_get_module(newsk))
goto reject;
@@ -1397,8 +1397,6 @@ static void chtls_pass_accept_request(struct sock *sk,
kfree_skb(skb);
return;
-free_oreq:
- chtls_reqsk_free(oreq);
reject:
mk_tid_release(reply_skb, 0, tid);
cxgb4_ofld_send(cdev->lldi->ports[0], reply_skb);
--
2.28.0
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2020-08-24 8:59 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-08-24 8:59 [PATCH] crypto/chtls: Fix double free in chtls_pass_accept_request() Dan Carpenter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).