xen/pvcalls: fix null pointer dereference on map->sock
authorColin Ian King <colin.king@canonical.com>
Thu, 22 Feb 2018 17:22:59 +0000 (17:22 +0000)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 30 May 2018 05:52:05 +0000 (07:52 +0200)
[ Upstream commit 68d2059be660944152ba667e43c3b4ec225974bc ]

Currently if map is null then a potential null pointer deference
occurs when calling sock_release on map->sock.  I believe the
actual intention was to call sock_release on sock instead. Fix
this.

Fixes: 5db4d286a8ef ("xen/pvcalls: implement connect command")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/xen/pvcalls-back.c

index b209cd44bb8dce76fe44e10e0349af51fee7880c..169293c25a91544d342367926d29b238505557f3 100644 (file)
@@ -424,7 +424,7 @@ static int pvcalls_back_connect(struct xenbus_device *dev,
                                        sock);
        if (!map) {
                ret = -EFAULT;
-               sock_release(map->sock);
+               sock_release(sock);
        }
 
 out: