[PATCHv2] Fix a couple memory leaks

Johannes Berg johannes
Fri Jun 8 10:33:52 PDT 2012


On Fri, 2012-06-08 at 10:31 -0700, Paul Stewart wrote:
> On Fri, Jun 8, 2012 at 10:23 AM, Jouni Malinen <j at w1.fi> wrote:
> > On Wed, Jun 06, 2012 at 07:00:33PM -0700, Paul Stewart wrote:
> >> diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
> >> @@ -8397,18 +8397,19 @@ static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
> >>       NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
> >
> > Please note that NLA_PUT_U32 can jump to nla_put_failure.
> >
> >>       NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
> >>       nla_put_nested(msg, NL80211_ATTR_CQM, cqm);
> >>
> >> +     nlmsg_free(cqm);
> >
> > This looks fine, but..
> >
> >>       if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
> >>               return 0;
> >>       msg = NULL;
> >>
> >>  nla_put_failure:
> >> -     nlmsg_free(cqm);
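Review bot: the nlmsg_free(cqm) added after nla_put_nested() becomes the only free of cqm, because the one under nla_put_failure: is removed, so a failure in either NLA_PUT_U32(cqm, ...) call above it jumps to the label and leaks cqm. Keep the free under the label and make the success path reach it as well, for example by saving the send_and_recv_msgs() result in a local variable and falling through to the label instead of returning 0 early. The return value of nla_put_nested(msg, NL80211_ATTR_CQM, cqm) is also not checked before msg is sent; a failure there should take the same cleanup path.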
> >
> > this does not.. There is at least a theoretical possibility of
> > NLA_PUT_U32 using goto to skip that nlmsg_free(cqm) above.
> 
> Wow!  That's an eye opener.  Will send a new patch.

Might be worthwhile to use nla_nest_start/end instead of nla_put_nested?

johannes



