]> www.infradead.org Git - users/jedix/linux-maple.git/commitdiff
projects / users / jedix / linux-maple.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 12e4686)
IB/sdp: fix NULL pointer dereference
authorAmiram Perlmutter <amip@mellanox.co.il>
Mon, 22 Jan 2007 15:03:58 +0000 (17:03 +0200)
committerMukesh Kacker <mukesh.kacker@oracle.com>
Tue, 6 Oct 2015 12:04:03 +0000 (05:04 -0700)
introduced by patch "IB/sdp: handle shutdown recv on listening socket"

Signed-off-by: Amiram Perlmutter <amip@mellanox.co.il>
Signed-off-by: Michael S. Tsirkin <mst@mellanox.co.il>
drivers/infiniband/ulp/sdp/sdp_main.c patch | blob | history

diff --git a/drivers/infiniband/ulp/sdp/sdp_main.c b/drivers/infiniband/ulp/sdp/sdp_main.c
index d70df1a4c55ae84fcc2148faa6bbb5ce973a66d4..a1b02404919d659fdf160d8522744370bde0fbab 100644 (file)
--- a/drivers/infiniband/ulp/sdp/sdp_main.c
+++ b/drivers/infiniband/ulp/sdp/sdp_main.c
@@ -515,7 +515,7 @@ static int sdp_disconnect(struct sock *sk, int flags)
        int rc = 0;
        int old_state = sk->sk_state;
        struct sdp_sock *s, *t;
-       struct rdma_cm_id *id = ssk->id;
+       struct rdma_cm_id *id;
 
        sdp_dbg(sk, "%s\n", __func__);
        if (ssk->id)
@@ -525,10 +525,11 @@ static int sdp_disconnect(struct sock *sk, int flags)
                return rc;
 
        sdp_set_state(sk, TCP_CLOSE);
+       id = ssk->id;
        ssk->id = NULL;
        release_sock(sk); /* release socket since locking semantics is parent
                             inside child */
-       rdma_destroy_id(ssk->id);
+       rdma_destroy_id(id);
 
        list_for_each_entry_safe(s, t, &ssk->backlog_queue, backlog_queue) {
                sk_common_release(&s->isk.sk);
Unnamed repository; edit this file 'description' to name the repository.