summaryrefslogtreecommitdiffstats
path: root/sys/netipsec/keysock.c
diff options
context:
space:
mode:
authorbz <bz@FreeBSD.org>2007-11-16 22:35:33 +0000
committerbz <bz@FreeBSD.org>2007-11-16 22:35:33 +0000
commita7318bd80c628e3e15223ad6cc6a860db8f35dd9 (patch)
tree49cf497e28d0328a9bd0347bfac2dc8a1540116a /sys/netipsec/keysock.c
parent1ad1c0a4f118ac74d91fcd60b17e2526166995e6 (diff)
downloadFreeBSD-src-a7318bd80c628e3e15223ad6cc6a860db8f35dd9.zip
FreeBSD-src-a7318bd80c628e3e15223ad6cc6a860db8f35dd9.tar.gz
Move the priv check before the malloc call for so_pcb.
In case attach fails because of the priv check we leaked the memory and left so_pcb as fodder for invariants. Reported by: Pawel Worach Reviewed by: rwatson
Diffstat (limited to 'sys/netipsec/keysock.c')
-rw-r--r--sys/netipsec/keysock.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/sys/netipsec/keysock.c b/sys/netipsec/keysock.c
index 17ef9eb..cc1214b 100644
--- a/sys/netipsec/keysock.c
+++ b/sys/netipsec/keysock.c
@@ -387,18 +387,18 @@ key_attach(struct socket *so, int proto, struct thread *td)
KASSERT(so->so_pcb == NULL, ("key_attach: so_pcb != NULL"));
+ if (td != NULL) {
+ error = priv_check(td, PRIV_NET_RAW);
+ if (error)
+ return error;
+ }
+
/* XXX */
MALLOC(kp, struct keycb *, sizeof *kp, M_PCB, M_WAITOK | M_ZERO);
if (kp == 0)
return ENOBUFS;
so->so_pcb = (caddr_t)kp;
-
- if (td != NULL) {
- error = priv_check(td, PRIV_NET_RAW);
- if (error)
- return error;
- }
error = raw_attach(so, proto);
kp = (struct keycb *)sotorawcb(so);
if (error) {
OpenPOWER on IntegriCloud