In abi_long do_ioctl_dm(), after calling lock_user(), it does not call unlock_user() before going to the failure return in the default case.
Signed-off-by: Chen Gang <gang.chen.5...@gmail.com> --- linux-user/syscall.c | 1 + 1 file changed, 1 insertion(+) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index aaac6a2..290fdea 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -3681,6 +3681,7 @@ static abi_long do_ioctl_dm(const IOCTLEntry *ie, uint8_t *buf_temp, int fd, } default: ret = -TARGET_EINVAL; + unlock_user(argptr, guest_data, 0); goto out; } unlock_user(argptr, guest_data, guest_data_size); -- 1.9.3 (Apple Git-50)
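Review bot: The added unlock_user(argptr, guest_data, 0) in the default case releases the guest mapping that was leaked on the -TARGET_EINVAL path, and passing 0 rather than guest_data_size is right there because nothing has been written to the buffer that needs copying back; a one-line comment saying so would keep a later reader from "correcting" the length to match the unlock_user(argptr, guest_data, guest_data_size) that follows the switch. It is also worth confirming that any other early returns in do_ioctl_dm() between lock_user() and this switch do not have the same missing unlock.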