diff options
| author | Bjoern A. Zeeb <bz@FreeBSD.org> | 2007-11-16 22:35:33 +0000 |
|---|---|---|
| committer | Bjoern A. Zeeb <bz@FreeBSD.org> | 2007-11-16 22:35:33 +0000 |
| commit | cf94a6a9ca082489b32e36a70a7921930bb07bc6 (patch) | |
| tree | 49cf497e28d0328a9bd0347bfac2dc8a1540116a /sys/netipsec/keysock.c | |
| parent | 12b3ebf5f5d4d4e0782a4e77f4a17a8066404bbe (diff) | |
| download | src-cf94a6a9ca082489b32e36a70a7921930bb07bc6.tar.gz src-cf94a6a9ca082489b32e36a70a7921930bb07bc6.zip | |
Move the priv check before the malloc call for so_pcb.
In case attach fails because of the priv check we leaked the
memory and left so_pcb as fodder for invariants.
Reported by: Pawel Worach
Reviewed by: rwatson
Notes
Notes:
svn path=/head/; revision=173689
Diffstat (limited to 'sys/netipsec/keysock.c')
| -rw-r--r-- | sys/netipsec/keysock.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/sys/netipsec/keysock.c b/sys/netipsec/keysock.c index 17ef9eb0157c..cc1214ba59bf 100644 --- a/sys/netipsec/keysock.c +++ b/sys/netipsec/keysock.c @@ -387,18 +387,18 @@ key_attach(struct socket *so, int proto, struct thread *td) KASSERT(so->so_pcb == NULL, ("key_attach: so_pcb != NULL")); + if (td != NULL) { + error = priv_check(td, PRIV_NET_RAW); + if (error) + return error; + } + /* XXX */ MALLOC(kp, struct keycb *, sizeof *kp, M_PCB, M_WAITOK | M_ZERO); if (kp == 0) return ENOBUFS; so->so_pcb = (caddr_t)kp; - - if (td != NULL) { - error = priv_check(td, PRIV_NET_RAW); - if (error) - return error; - } error = raw_attach(so, proto); kp = (struct keycb *)sotorawcb(so); if (error) { |