net: af_key: add check for pfkey_broadcast in function pfkey_process

[ Upstream commit 4dc2a5a8f6754492180741facf2a8787f2c415d7 ]

If skb_clone() returns null pointer, pfkey_broadcast() will
return error.
Therefore, it should be better to check the return value of
pfkey_broadcast() and return error if fails.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/key/af_key.c b/net/key/af_key.c
index a416c0f9005672075a22aff660d69bc2bc58732f..170960ef7e360c676f157b6c0e756d39df8914cf 100644 (file)
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -2836,8 +2836,10 @@ static int pfkey_process(struct sock *sk, struct sk_buff *skb, const struct sadb
        void *ext_hdrs[SADB_EXT_MAX];
        int err;
 
-       pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL,
-                       BROADCAST_PROMISC_ONLY, NULL, sock_net(sk));
+       err = pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL,
+                             BROADCAST_PROMISC_ONLY, NULL, sock_net(sk));
+       if (err)
+               return err;
 
        memset(ext_hdrs, 0, sizeof(ext_hdrs));
        err = parse_exthdrs(skb, hdr, ext_hdrs);