[PATCH v3] Bluetooth: Fix error handling for l2cap

linux-bluetooth.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH v3] Bluetooth: Fix error handling for l2cap_init()
@ 2010-11-29 16:15 Anderson Lizardo
  2010-11-30  1:05 ` Gustavo F. Padovan
  0 siblings, 1 reply; 2+ messages in thread
From: Anderson Lizardo @ 2010-11-29 16:15 UTC (permalink / raw)
  To: linux-bluetooth; +Cc: Anderson Lizardo

create_singlethread_workqueue() may fail with errors such as -ENOMEM. If
this happens, the return value is not set to a negative value and the
module load will succeed. It will then crash on module unload because of
a destroy_workqueue() call on a NULL pointer.

Additionally, the _busy_wq workqueue is not being destroyed if any
errors happen on l2cap_init().

Signed-off-by: Anderson Lizardo <anderson.lizardo@openbossa.org>
---
 net/bluetooth/l2cap.c |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index 12b4aa2..a1c7ae8 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -4871,8 +4871,10 @@ static int __init l2cap_init(void)
 		return err;
 
 	_busy_wq = create_singlethread_workqueue("l2cap");
-	if (!_busy_wq)
-		goto error;
+	if (!_busy_wq) {
+		proto_unregister(&l2cap_proto);
+		return -ENOMEM;
+	}
 
 	err = bt_sock_register(BTPROTO_L2CAP, &l2cap_sock_family_ops);
 	if (err < 0) {
@@ -4900,6 +4902,7 @@ static int __init l2cap_init(void)
 	return 0;
 
 error:
+	destroy_workqueue(_busy_wq);
 	proto_unregister(&l2cap_proto);
 	return err;
 }
-- 
1.7.0.4


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH v3] Bluetooth: Fix error handling for l2cap_init()
  2010-11-29 16:15 [PATCH v3] Bluetooth: Fix error handling for l2cap_init() Anderson Lizardo
@ 2010-11-30  1:05 ` Gustavo F. Padovan
  0 siblings, 0 replies; 2+ messages in thread
From: Gustavo F. Padovan @ 2010-11-30  1:05 UTC (permalink / raw)
  To: Anderson Lizardo; +Cc: linux-bluetooth

Hi Anderson,

* Anderson Lizardo <anderson.lizardo@openbossa.org> [2010-11-29 12:15:50 -0400]:

> create_singlethread_workqueue() may fail with errors such as -ENOMEM. If
> this happens, the return value is not set to a negative value and the
> module load will succeed. It will then crash on module unload because of
> a destroy_workqueue() call on a NULL pointer.
> 
> Additionally, the _busy_wq workqueue is not being destroyed if any
> errors happen on l2cap_init().
> 
> Signed-off-by: Anderson Lizardo <anderson.lizardo@openbossa.org>

Patch has been applied, thanks a lot.

-- 
Gustavo F. Padovan
http://profusion.mobi

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2010-11-30  1:05 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-11-29 16:15 [PATCH v3] Bluetooth: Fix error handling for l2cap_init() Anderson Lizardo
2010-11-30  1:05 ` Gustavo F. Padovan

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).