Commit 5e6b3946 authored by Jason Wang's avatar Jason Wang Committed by Greg Kroah-Hartman

vhost_net: validate sock before trying to put its fd

[ Upstream commit b8f1f658 ]

Sock will be NULL if we pass -1 to vhost_net_set_backend(), but when
we meet errors during ubuf allocation, the code does not check for
NULL before calling sockfd_put(), this will lead NULL
dereferencing. Fixing by checking sock pointer before.

Fixes: bab632d6 ("vhost: vhost TX zero-copy support")
Reported-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: default avatarJason Wang <jasowang@redhat.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 61c66cc5
...@@ -955,7 +955,8 @@ static long vhost_net_set_backend(struct vhost_net *n, unsigned index, int fd) ...@@ -955,7 +955,8 @@ static long vhost_net_set_backend(struct vhost_net *n, unsigned index, int fd)
if (ubufs) if (ubufs)
vhost_net_ubuf_put_wait_and_free(ubufs); vhost_net_ubuf_put_wait_and_free(ubufs);
err_ubufs: err_ubufs:
sockfd_put(sock); if (sock)
sockfd_put(sock);
err_vq: err_vq:
mutex_unlock(&vq->mutex); mutex_unlock(&vq->mutex);
err: err:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment