fix possible NULL deref on low memory condition in capidrv.c::send_message()

If we fail to allocate an skb in
drivers/isdn/capi/capidrv.c::send_message(), then we'll end up
dereferencing a NULL pointer.
Since out of memory conditions are not unheard of, I believe it
is better to print a error message and just return rather than
bring down the whole kernel.
Sure, doing this may upset some application, but that's still
better than crashing the whole system.

Signed-off-by: Jesper Juhl <[email protected]>
Acked-by: Karsten Keil <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>

diff --git a/drivers/isdn/capi/capidrv.c b/drivers/isdn/capi/capidrv.c
index 23b6f7bc16b7e53ebac2a6d73e76608bcaa67ecf..476012b6dfac331d11a7728f714ab4f04c831554 100644 (file)
--- a/drivers/isdn/capi/capidrv.c
+++ b/drivers/isdn/capi/capidrv.c
@@ -506,9 +506,14 @@ static void send_message(capidrv_contr * card, _cmsg * cmsg)
 {
        struct sk_buff *skb;
        size_t len;
+
        capi_cmsg2message(cmsg, cmsg->buf);
        len = CAPIMSG_LEN(cmsg->buf);
        skb = alloc_skb(len, GFP_ATOMIC);
+       if (!skb) {
+               printk(KERN_ERR "capidrv::send_message: can't allocate mem\n");
+               return;
+       }
        memcpy(skb_put(skb, len), cmsg->buf, len);
        if (capi20_put_message(&global.ap, skb) != CAPI_NOERROR)
                kfree_skb(skb);