So, I was going to apply this, but then I ran sparse & smatch :-)
On Tue, 2014-06-17 at 14:58 +0200, Michal Kazior wrote:
> - curr_ctx = container_of(conf, struct ieee80211_chanctx, conf);
> + curr_ctx = ieee80211_vif_get_chanctx(sdata);
> + if (curr_ctx && local->use_chanctx && !local->ops->switch_vif_chanctx)
> + return -ENOTSUPP;
curr_ctx can be NULL?
> new_ctx = ieee80211_find_reservation_chanctx(local, chandef, mode);
> if (!new_ctx) {
> + if (ieee80211_can_create_new_chanctx(local)) {
> new_ctx = ieee80211_new_chanctx(local, chandef, mode);
> + if (IS_ERR(new_ctx))
> + return PTR_ERR(new_ctx);
> } else {
> + if ((curr_ctx->replace_state ==
> + IEEE80211_CHANCTX_WILL_BE_REPLACED) ||
then this crashes?
> + if (local->use_chanctx) {
> + vif_chsw = kzalloc(sizeof(*vif_chsw) * n_vifs, GFP_KERNEL);
> + if (vif_chsw) {
clearly you didn't test this? :)
> + err = -ENOMEM;
> + goto err;
> + }
> +
> + i = 0;
> + list_for_each_entry(ctx, &local->chanctx_list, list) {
> + if (ctx->replace_state != IEEE80211_CHANCTX_REPLACES_OTHER)
> + continue;
> +
> + if (WARN_ON(!ctx->replace_ctx))
> + return -EINVAL;
This also leaks "vif_chsw".
johannes
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
