git: 7b21cccf9c69 - stable/14 - sctp: further improve shutting down the read side of a socket

From: Michael Tuexen <tuexen_at_FreeBSD.org>
Date: Fri, 15 Sep 2023 17:49:52 UTC
The branch stable/14 has been updated by tuexen:

URL: https://cgit.FreeBSD.org/src/commit/?id=7b21cccf9c69f1303cbd3023d4a92b34ce84cbd1

commit 7b21cccf9c69f1303cbd3023d4a92b34ce84cbd1
Author:     Michael Tuexen <tuexen@FreeBSD.org>
AuthorDate: 2023-09-13 11:02:51 +0000
Commit:     Michael Tuexen <tuexen@FreeBSD.org>
CommitDate: 2023-09-15 17:48:02 +0000

    sctp: further improve shutting down the read side of a socket
    
    Deal with the case that the association is already gone.
    
    Reported by:    syzbot+e256d42e9b390564530a@syzkaller.appspotmail.com
---
 sys/netinet/sctp_usrreq.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/sys/netinet/sctp_usrreq.c b/sys/netinet/sctp_usrreq.c
index 02bb87578528..29d63f989e79 100644
--- a/sys/netinet/sctp_usrreq.c
+++ b/sys/netinet/sctp_usrreq.c
@@ -806,11 +806,9 @@ sctp_flush(struct socket *so, int how)
 		return (0);
 	}
 	stcb = LIST_FIRST(&inp->sctp_asoc_list);
-	if (stcb == NULL) {
-		SCTP_INP_WUNLOCK(inp);
-		return (ENOTCONN);
+	if (stcb != NULL) {
+		SCTP_TCB_LOCK(stcb);
 	}
-	SCTP_TCB_LOCK(stcb);
 	SCTP_INP_READ_LOCK(inp);
 	inp->sctp_flags |= SCTP_PCB_FLAGS_SOCKET_CANT_READ;
 	SOCK_LOCK(so);
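Review bot: Once `stcb` may be NULL past this check, every later use of it in sctp_flush() has to be guarded, and the stretch of the function between this hunk and the next is not visible here. It should be confirmed that nothing in that stretch dereferences `stcb` or assumes the TCB lock is held. A comment at the check would record the new invariant for later edits, for example `/* The association may already be gone; stcb can be NULL from here on. */`. The report came from syzbot and the path is presumably reachable through the socket shutdown call, so an unguarded use would most likely show up as a kernel NULL dereference.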
@@ -836,7 +834,7 @@ sctp_flush(struct socket *so, int how)
 	}
 	SOCK_UNLOCK(so);
 	SCTP_INP_READ_UNLOCK(inp);
-	if (need_to_abort) {
+	if (need_to_abort && (stcb != NULL)) {
 		inp->last_abort_code = SCTP_FROM_SCTP_USRREQ + SCTP_LOC_6;
 		SCTP_INP_WUNLOCK(inp);
 		op_err = sctp_generate_cause(SCTP_CAUSE_OUT_OF_RESC, "");
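Review bot: When `need_to_abort` is set but `stcb` is NULL, the new condition skips the abort and control falls through to the `return (0)` at the end of the last hunk. Together with the removed `return (ENOTCONN)` in the first hunk, the caller now sees success where it used to see an error when no association exists. That looks intended for a read-side shutdown, but neither the commit message nor the code says so. A comment above the `if` would make it explicit, for example `/* Without an association there is nothing to abort; fall through and report success. */`. The body of this branch continues outside the hunk.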
@@ -845,7 +843,9 @@ sctp_flush(struct socket *so, int how)
 		NET_EPOCH_EXIT(et);
 		return (ECONNABORTED);
 	}
-	SCTP_TCB_UNLOCK(stcb);
+	if (stcb != NULL) {
+		SCTP_TCB_UNLOCK(stcb);
+	}
 	SCTP_INP_WUNLOCK(inp);
 	return (0);
 }