On Fri, 2021-10-01 at 15:56 +0300, Dan Carpenter wrote:
> The error handling calls kfree(params->acl) so if "params->acl" is an
> error pointer that will lead to an Oops.
>
> Fixes: 9e263e193af7 ("nl80211: don't put struct cfg80211_ap_settings on stack")
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> ---
> net/wireless/nl80211.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
> index 0b4f29d689d2..962fb169a5fb 100644
> --- a/net/wireless/nl80211.c
> +++ b/net/wireless/nl80211.c
> @@ -5507,6 +5507,7 @@ static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
> params->acl = parse_acl_data(&rdev->wiphy, info);
> if (IS_ERR(params->acl)) {
> err = PTR_ERR(params->acl);
> + params->acl = NULL;
Yeah. I think I had just applied the exact same patch:
commit 05075fe7455a210769b266e62a0040ddc98b2739
Author: Johannes Berg <johannes.berg@xxxxxxxxx>
Date: Mon Sep 27 13:44:03 2021 +0200
nl80211: don't kfree() ERR_PTR() value
johannes
