Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

cfg80211: fix rtnl leak in wiphy dump error cases

In two wiphy dump error cases, most often when the dump allocation
must be increased, the RTNL is leaked. This quickly results in a
complete system lockup. Release the RTNL correctly.

Reported-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg 12 years ago
parent
ea141b75ae
commit
940d0ac9db
1 changed files with 4 additions and 1 deletions
Split View Show Diff Stats
  1. 4 1
      net/wireless/nl80211.c

+ 4 - 1
net/wireless/nl80211.c
View File 

@@ -1541,8 +1541,10 @@ static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
 
 			int ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
 
 
 			netdev = dev_get_by_index(sock_net(skb->sk), ifidx);
 
-			if (!netdev)
 
+			if (!netdev) {
 
+				rtnl_unlock();
 
 				return -ENODEV;
 
+			}
 
 			if (netdev->ieee80211_ptr) {
 
 				dev = wiphy_to_dev(
 
 					netdev->ieee80211_ptr->wiphy);
 
@@ -1586,6 +1588,7 @@ static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
 
 				    !skb->len &&
 
 				    cb->min_dump_alloc < 4096) {
 
 					cb->min_dump_alloc = 4096;
 
+					rtnl_unlock();
 
 					return 1;
 
 				}
 
 				idx--;