diff options
author | bz <bz@FreeBSD.org> | 2007-11-16 22:35:33 +0000 |
---|---|---|
committer | bz <bz@FreeBSD.org> | 2007-11-16 22:35:33 +0000 |
commit | a7318bd80c628e3e15223ad6cc6a860db8f35dd9 (patch) | |
tree | 49cf497e28d0328a9bd0347bfac2dc8a1540116a /sys/netipsec/keysock.c | |
parent | 1ad1c0a4f118ac74d91fcd60b17e2526166995e6 (diff) | |
download | FreeBSD-src-a7318bd80c628e3e15223ad6cc6a860db8f35dd9.zip FreeBSD-src-a7318bd80c628e3e15223ad6cc6a860db8f35dd9.tar.gz |
Move the priv check before the malloc call for so_pcb.
In case attach fails because of the priv check we leaked the
memory and left so_pcb as fodder for invariants.
Reported by: Pawel Worach
Reviewed by: rwatson
Diffstat (limited to 'sys/netipsec/keysock.c')
-rw-r--r-- | sys/netipsec/keysock.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/sys/netipsec/keysock.c b/sys/netipsec/keysock.c index 17ef9eb..cc1214b 100644 --- a/sys/netipsec/keysock.c +++ b/sys/netipsec/keysock.c @@ -387,18 +387,18 @@ key_attach(struct socket *so, int proto, struct thread *td) KASSERT(so->so_pcb == NULL, ("key_attach: so_pcb != NULL")); + if (td != NULL) { + error = priv_check(td, PRIV_NET_RAW); + if (error) + return error; + } + /* XXX */ MALLOC(kp, struct keycb *, sizeof *kp, M_PCB, M_WAITOK | M_ZERO); if (kp == 0) return ENOBUFS; so->so_pcb = (caddr_t)kp; - - if (td != NULL) { - error = priv_check(td, PRIV_NET_RAW); - if (error) - return error; - } error = raw_attach(so, proto); kp = (struct keycb *)sotorawcb(so); if (error) { |