On 2022-02-25 12:15 AM, Colin Ian King wrote:
Currently in the case where parse_attr fails to be allocated the memory
pointed to by attr2 is kfree'd but the non-null pointer attr2 is returned
and a potential use of a kfree'd object can occur. Fix this by returning
NULL to indicate a memory allocation error.
Addresses issue found by clang-scan:
drivers/net/ethernet/mellanox/mlx5/core/en_tc.c:3401:3: warning: Use of
memory after it is freed [unix.Malloc]
Fixes: 8300f225268b ("net/mlx5e: Create new flow attr for multi table actions")
Signed-off-by: Colin Ian King <colin.i.king@xxxxxxxxx>
---
drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
index 76a015dfc5fc..c0776a4a3845 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
@@ -3398,7 +3398,7 @@ mlx5e_clone_flow_attr_for_post_act(struct mlx5_flow_attr *attr,
if (!attr2 || !parse_attr) {
kvfree(parse_attr);
kfree(attr2);
- return attr2;
+ return NULL;
}
memcpy(attr2, attr, attr_sz);
thanks!
Reviewed-by: Roi Dayan <roid@xxxxxxxxxx>
