[PATCH v2] Don't double free cfg struct if netlink_init fails
Jouni Malinen
Sat Nov 24 06:50:54 PST 2012
On Wed, Nov 21, 2012 at 01:46:23PM +0100, Pontus Fuchs wrote:
> If netlink_init fails on socket create or bind the cfg struct
> provided as parameter is freed by netlink_init. Callers of
> netlink_init also free this struct on their error paths, leading
> to double free.
Thanks! Applied.
> diff --git a/src/drivers/netlink.c b/src/drivers/netlink.c
> @@ -118,6 +117,7 @@ struct netlink_data * netlink_init(struct netlink_config *cfg)
> + netlink->cfg = cfg;
> eloop_register_read_sock(netlink->sock, netlink_receive, netlink,
> NULL);
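Review bot: The return value of eloop_register_read_sock() is ignored right after the added `netlink->cfg = cfg;` line, so cfg is already attached to netlink before the last call that can fail. If an error return is ever added for that call, any cleanup there that frees netlink->cfg would collide with the callers' own free of cfg that the commit message describes. Consider assigning netlink->cfg only after every step that can fail, and stating in the netlink_init() comment that cfg stays owned by the caller when NULL is returned.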
Though, I reordered these operations since
eloop_register_read_sock() could actually fail in theory, and should that
ever be addressed by returning an error here, it is better to avoid hitting
the same double free on the error path case accidentally at that point.
--
Jouni Malinen PGP id EFC895FA
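
The ownership rule discussed in this thread, as an added example that is not part of the original mail or of the hostap code: a failing init leaves cfg with the caller, and ownership moves only after the last step that can fail. All demo_* names, the failure selector and the free counter are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for the structures named in the patch. */
struct demo_config { int unused; };
struct demo_netlink { struct demo_config *cfg; int sock; };
enum demo_fail { FAIL_NONE, FAIL_SOCKET, FAIL_BIND, FAIL_REGISTER };

static int demo_cfg_frees; /* how many times the cfg was freed */

static void demo_cfg_free(struct demo_config *cfg) { demo_cfg_frees++; free(cfg); }

/* Contract: on NULL return cfg still belongs to the caller; on success
 * it belongs to the returned object. 'fail' picks a simulated failure. */
static struct demo_netlink *demo_netlink_init(struct demo_config *cfg, enum demo_fail fail)
{
    struct demo_netlink *nl = calloc(1, sizeof(*nl));
    if (nl == NULL)
        return NULL;
    if (fail == FAIL_SOCKET || fail == FAIL_BIND || fail == FAIL_REGISTER) {
        free(nl); /* release only what this function allocated */
        return NULL;
    }
    nl->sock = 3;  /* constructed descriptor value */
    nl->cfg = cfg; /* take ownership last, after every step that can fail */
    return nl;
}

static void demo_netlink_deinit(struct demo_netlink *nl)
{
    demo_cfg_free(nl->cfg); /* the owner frees cfg exactly once */
    free(nl);
}

/* A caller with its own error path, as in the commit message.
 * Returns the number of times cfg was freed (must be 1). */
int demo_run(enum demo_fail fail)
{
    struct demo_config *cfg = calloc(1, sizeof(*cfg));
    struct demo_netlink *nl;
    if (cfg == NULL) return -1;
    demo_cfg_frees = 0;
    nl = demo_netlink_init(cfg, fail);
    if (nl == NULL) demo_cfg_free(cfg); /* caller's error path */
    else demo_netlink_deinit(nl);
    return demo_cfg_frees;
}

int main(void) { printf("%d %d\n", demo_run(FAIL_NONE), demo_run(FAIL_BIND)); return 0; }
```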