From b2c60d42db0fea1e6c4345739601024863566a13 Mon Sep 17 00:00:00 2001 From: Jesper Juhl Date: Fri, 14 Jan 2011 00:18:49 +0100 Subject: Bluetooth: Fix failure to release lock in read_index_list() If alloc_skb() fails in read_index_list() we'll return -ENOMEM without releasing 'hci_dev_list_lock'. Signed-off-by: Jesper Juhl Signed-off-by: Gustavo F. Padovan --- net/bluetooth/mgmt.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'net') diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index f827fd90838..ace872615c0 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c @@ -111,8 +111,10 @@ static int read_index_list(struct sock *sk) body_len = sizeof(*ev) + sizeof(*rp) + (2 * count); skb = alloc_skb(sizeof(*hdr) + body_len, GFP_ATOMIC); - if (!skb) + if (!skb) { + read_unlock(&hci_dev_list_lock); return -ENOMEM; + } hdr = (void *) skb_put(skb, sizeof(*hdr)); hdr->opcode = cpu_to_le16(MGMT_EV_CMD_COMPLETE); -- cgit v1.2.3-18-g5258