From: Yang Wei <albin_yang@163.com>
Date: Mon, 8 Jul 2019 14:57:39 +0000 (+0800)
Subject: nfc: fix potential illegal memory access
X-Git-Tag: v5.1.21~47
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e1f7bc510d84532d3140da37830e9a84e5984e65;p=thirdparty%2Fkernel%2Fstable.git

nfc: fix potential illegal memory access

[ Upstream commit dd006fc434e107ef90f7de0db9907cbc1c521645 ]

The frags_q is not properly initialized, it may result in illegal memory
access when conn_info is NULL.
The "goto free_exit" should be replaced by "goto exit".

Signed-off-by: Yang Wei <albin_yang@163.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/net/nfc/nci/data.c b/net/nfc/nci/data.c
index 908f25e3773e5..5405d073804c6 100644
--- a/net/nfc/nci/data.c
+++ b/net/nfc/nci/data.c
@@ -119,7 +119,7 @@ static int nci_queue_tx_data_frags(struct nci_dev *ndev,
 	conn_info = nci_get_conn_info_by_conn_id(ndev, conn_id);
 	if (!conn_info) {
 		rc = -EPROTO;
-		goto free_exit;
+		goto exit;
 	}
 
 	__skb_queue_head_init(&frags_q);