Search Linux Wireless

[PATCH v3 01/11] Revert "NFC: st95hf: drop illegal kfree_skb()"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This reverts commit c99f996b2ba49 ("NFC: st95hf: drop illegal
kfree_skb()").

It turns out that the st95hf_in_send_cmd() is in fact the sole owner of
this skb, and by not freeing it here, we not only causing a memory leak
but also mess up the refcount of the socket that holds it. This will in
turn lead to activated targets not being cleaned up, even after
stopping userspace processes.

The memory corruption that I was hunting was caused by another
kfree_skb(). This will be fixed in a later commit.

Signed-off-by: Daniel Mack <daniel@xxxxxxxxxx>
Fixes: c99f996b2ba49 ("NFC: st95hf: drop illegal kfree_skb()")
---
 drivers/nfc/st95hf/core.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/nfc/st95hf/core.c b/drivers/nfc/st95hf/core.c
index 36ef0e905ba3..bc1a2070f9bb 100644
--- a/drivers/nfc/st95hf/core.c
+++ b/drivers/nfc/st95hf/core.c
@@ -991,6 +991,8 @@ static int st95hf_in_send_cmd(struct nfc_digital_dev *ddev,
 		goto free_skb_resp;
 	}
 
+	kfree_skb(skb);
+
 	return rc;
 
 free_skb_resp:
-- 
2.17.1




[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Wireless Regulations]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux