nfc: fix potential illegal memory access

The frags_q is not properly initialized, it may result in illegal memory
access when conn_info is NULL.
The "goto free_exit" should be replaced by "goto exit".

Signed-off-by: Yang Wei <albin_yang@163.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/nfc/nci/data.c b/net/nfc/nci/data.c
index 0a0c265baaa48109a6b312b3637a01ff431830db..ce3382be937ff19425162adcde356d1e2d033ea5 100644 (file)
--- a/net/nfc/nci/data.c
+++ b/net/nfc/nci/data.c
@@ -107,7 +107,7 @@ static int nci_queue_tx_data_frags(struct nci_dev *ndev,
        conn_info = nci_get_conn_info_by_conn_id(ndev, conn_id);
        if (!conn_info) {
                rc = -EPROTO;
-               goto free_exit;
+               goto exit;
        }
 
        __skb_queue_head_init(&frags_q);