Re: Fix hostap_cs double kfree

From: Jouni Malinen
Date: Tue Mar 14 2006 - 22:16:40 EST

Next message: Eugene Teo: "Fix irda-usb use after use"
Previous message: georges kan: "Job offer. 1142389491"
In reply to: Eugene Teo: "Re: Fix hostap_cs double kfree"
Next in thread: Eugene Teo: "Re: Fix hostap_cs double kfree"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Mar 15, 2006 at 10:39:00AM +0800, Eugene Teo wrote:
> prism2_config() kfree's twice if kmalloc fails.
>
> Coverity bug #930

Thanks. I'm going through the issues related to Host AP driver in
Coverity database and send a set of patches after some testing.

> --- linux-2.6/drivers/net/wireless/hostap/hostap_cs.c~ 2006-03-15 10:05:36.000000000 +0800
> +++ linux-2.6/drivers/net/wireless/hostap/hostap_cs.c 2006-03-15 10:24:53.000000000 +0800
> @@ -585,8 +585,6 @@
> parse = kmalloc(sizeof(cisparse_t), GFP_KERNEL);
> hw_priv = kmalloc(sizeof(*hw_priv), GFP_KERNEL);
> if (parse == NULL || hw_priv == NULL) {
> - kfree(parse);
> - kfree(hw_priv);
> ret = -ENOMEM;
> goto failed;
> }

This is a valid fix..

> @@ -783,8 +781,10 @@
> cs_error(link->handle, last_fn, last_ret);
>
> failed:
> - kfree(parse);
> - kfree(hw_priv);
> + if (parse)
> + kfree(parse);
> + if (hw_priv)
> + kfree(hw_priv);
> prism2_release((u_long)link);
> return ret;

.. but this is not.

--
Jouni Malinen PGP id EFC895FA
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Eugene Teo: "Fix irda-usb use after use"
Previous message: georges kan: "Job offer. 1142389491"
In reply to: Eugene Teo: "Re: Fix hostap_cs double kfree"
Next in thread: Eugene Teo: "Re: Fix hostap_cs double kfree"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]