mirror of
https://github.com/torvalds/linux.git
synced 2026-05-12 16:18:45 +02:00
c71ba669b5
pn532_receive_buf() reports the number of accepted bytes to the serdev
core. The current code consumes bytes into recv_skb and may already hand
a complete frame to pn533_recv_frame() before allocating a fresh receive
buffer.
If that alloc_skb() fails, the callback returns 0 even though it has
already consumed bytes, and it leaves recv_skb as NULL for the next
receive callback. That breaks the receive_buf() accounting contract and
can also lead to a NULL dereference on the next skb_put_u8().
Allocate the receive skb lazily before consuming the next byte instead.
If allocation fails, return the number of bytes already accepted.
Fixes:
|
||
|---|---|---|
| .. | ||
| fdp | ||
| microread | ||
| nfcmrvl | ||
| nxp-nci | ||
| pn533 | ||
| pn544 | ||
| s3fwrn5 | ||
| st-nci | ||
| st21nfca | ||
| st95hf | ||
| Kconfig | ||
| Makefile | ||
| mei_phy.c | ||
| mei_phy.h | ||
| nfcsim.c | ||
| port100.c | ||
| trf7970a.c | ||
| virtual_ncidev.c | ||