[NETROM]: Fix use after free in socket close.

netrom would oops if one did: modprobe netrom ifconfig -a because the code in destroy was freeing the socket then release_sock was called.

[NETROM]: Fix use after free in socket close.
netrom would oops if one did: modprobe netrom ifconfig -a because the code in destroy was freeing the socket then release_sock was called.
9c09e405 · Stephen Hemminger · David S. Miller · 206ef42f · 9c09e405
Commit 9c09e405 authored Aug 14, 2003 by Stephen Hemminger Committed by David S. Miller Aug 14, 2003
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

net/netrom/af_netrom.c net/netrom/af_netrom.c +2 -0

No files found.
--- a/net/netrom/af_netrom.c
+++ b/net/netrom/af_netrom.c
@@ -516,6 +516,7 @@ static int nr_release(struct socket *sock)

 	if (sk == NULL) return 0;

+	sock_hold(sk);
 	lock_sock(sk);
 	nr = nr_sk(sk);

@@ -551,6 +552,7 @@ static int nr_release(struct socket *sock)

 	sock->sk   = NULL;	
 	release_sock(sk);
+	sock_put(sk);

 	return 0;
 }