Re: [PATCH] wifi: cfg80211: fix leak if split 6 GHz scanning fails

Next message: Andy Shevchenko: "[GIT PULL] auxdisplay for 7.2-1"
Previous message: Vasant Hegde: "Re: [PATCH v6 6/6] iommu/amd: Fail probe on ATS configuration failure"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Fedor Pchelkin

Date: Mon Jun 01 2026 - 05:32:21 EST

On Thu, 28. May 10:42, Johannes Berg wrote:
> On Sun, 2026-05-24 at 19:53 +0300, Fedor Pchelkin wrote:
> >
> > @@ -1101,7 +1102,12 @@ int cfg80211_scan(struct cfg80211_registered_device *rdev)
> > rdev_req->req.scan_6ghz = false;
> > rdev_req->req.first_part = true;
> > rdev->int_scan_req = request;
> > - return rdev_scan(rdev, request);
> > + err = rdev_scan(rdev, request);
> > + if (err) {
> > + kfree(rdev->int_scan_req);
> > + rdev->int_scan_req = NULL;
> > + }
> > + return err;
>
> Given that rdev isn't accessible to the driver call in rdev_scan(), I
> think it'd be nicer to do kfree(request) and defer the int_scan_req
> assignment to after the rdev_scan() call?

It would differ now (at least visually) from the similar scheme used at
the end of cfg80211_scan_6ghz(). I'd go for that all this request
initialization stuff should be done before calling rdev_scan(), taking
that rdev_scan() may be changed in future or whatever. But I don't have a
strong opinion here - will send v2 so that you may choose the eventually
preferred one between these versions.