From cf94a6a9ca082489b32e36a70a7921930bb07bc6 Mon Sep 17 00:00:00 2001
From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
Date: Fri, 16 Nov 2007 22:35:33 +0000
Subject: [PATCH] Move the priv check before the malloc call for so_pcb. In
 case attach fails because of the priv check we leaked the memory and left
 so_pcb as fodder for invariants.

Reported  by:	Pawel Worach
Reviewed by:	rwatson
---
 sys/netipsec/keysock.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/sys/netipsec/keysock.c b/sys/netipsec/keysock.c
index 17ef9eb0157c..cc1214ba59bf 100644
--- a/sys/netipsec/keysock.c
+++ b/sys/netipsec/keysock.c
@@ -387,18 +387,18 @@ key_attach(struct socket *so, int proto, struct thread *td)
 
 	KASSERT(so->so_pcb == NULL, ("key_attach: so_pcb != NULL"));
 
+	if (td != NULL) {
+		error = priv_check(td, PRIV_NET_RAW);
+		if (error)
+			return error;
+	}
+
 	/* XXX */
 	MALLOC(kp, struct keycb *, sizeof *kp, M_PCB, M_WAITOK | M_ZERO); 
 	if (kp == 0)
 		return ENOBUFS;
 
 	so->so_pcb = (caddr_t)kp;
-
-	if (td != NULL) {
-		error = priv_check(td, PRIV_NET_RAW);
-		if (error)
-			return error;
-	}
 	error = raw_attach(so, proto);
 	kp = (struct keycb *)sotorawcb(so);
 	if (error) {