eth_dw: fix buffer leak when RX frames are too large

When an ethernet frame is larger than UIP_BUFSIZE, a net_buf is allocated but never released. Therefore after few bad frames, no more RX network packet can be received. Fixed by allocating the net_buf after checking the frame length. Change-Id: I436487e3c26d739de347b4db6facc3a3dbebbe75 Signed-off-by: Sebastien Griffoul <sebastien.griffoul@intel.com>
2016-03-31 14:46:01 +02:00 · 2016-03-31 14:46:01 +02:00 · 4b70134d1a
parent ee587d08a8
commit 4b70134d1a
1 changed files with 6 additions and 6 deletions
--- a/drivers/ethernet/eth_dw.c
+++ b/drivers/ethernet/eth_dw.c
@ -69,18 +69,18 @@ static void eth_rx(struct device *port)
 		goto release_desc;
 	}

-	buf = ip_buf_get_reserve_rx(0);
-	if (buf == NULL) {
-		ETH_ERR("Failed to obtain RX buffer.\n");
-		goto release_desc;
-	}
-
 	frm_len = context->rx_desc.frm_len;
 	if (frm_len > UIP_BUFSIZE) {
 		ETH_ERR("Frame too large: %u.\n", frm_len);
 		goto release_desc;
 	}

+	buf = ip_buf_get_reserve_rx(0);
+	if (buf == NULL) {
+		ETH_ERR("Failed to obtain RX buffer.\n");
+		goto release_desc;
+	}
+
 	memcpy(net_buf_add(buf, frm_len), (void *)context->rx_buf, frm_len);
 	uip_len(buf) = frm_len;