From: Sasha Levin <levinsasha928@gmail.com>
Date: Wed, 6 Jun 2012 21:02:55 +0000 (+0200)
Subject: NFC: Fix possible NULL ptr deref when getting the name of a socket
X-Git-Tag: master-2012-06-13-2^2~8
X-Git-Url: http://pileus.org/git/?a=commitdiff_plain;ds=sidebyside;h=58d1eab7ef1d7ff8e448699dfd1a21b7f3303296;p=~andy%2Flinux

NFC: Fix possible NULL ptr deref when getting the name of a socket

llcp_sock_getname() might get called before the LLCP socket was created.
This condition isn't checked, and llcp_sock_getname will simply deref a
NULL ptr in that case.

This exists starting with d646960 ("NFC: Initial LLCP support").

Signed-off-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
---

diff --git a/net/nfc/llcp/sock.c b/net/nfc/llcp/sock.c
index 3f339b19d14..17a707db40e 100644
--- a/net/nfc/llcp/sock.c
+++ b/net/nfc/llcp/sock.c
@@ -292,6 +292,9 @@ static int llcp_sock_getname(struct socket *sock, struct sockaddr *addr,
 
 	pr_debug("%p\n", sk);
 
+	if (llcp_sock == NULL)
+		return -EBADFD;
+
 	addr->sa_family = AF_NFC;
 	*len = sizeof(struct sockaddr_nfc_llcp);