On 01/06/10 17:35, Jiri Slaby wrote:
> Stanse found a memory leak in cfg80211_wext_siwscan. creq is not
> freed/assigned on all paths. Fix that.
>
> Signed-off-by: Jiri Slaby <jslaby@xxxxxxx>
> ---
> net/wireless/scan.c | 7 +++++--
> 1 files changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/net/wireless/scan.c b/net/wireless/scan.c
> index 9c50c85..3003d13 100644
> --- a/net/wireless/scan.c
> +++ b/net/wireless/scan.c
> @@ -685,7 +685,7 @@ int cfg80211_wext_siwscan(struct net_device *dev,
> /* No channels found? */
> if (!i) {
> err = -EINVAL;
> - goto out;
> + goto out_free;
> }
>
> /* Set real number of channels specified in creq->channels[] */
> @@ -696,7 +696,7 @@ int cfg80211_wext_siwscan(struct net_device *dev,
> if (wrqu->data.flags & IW_SCAN_THIS_ESSID) {
> if (wreq->essid_len > IEEE80211_MAX_SSID_LEN) {
> err = -EINVAL;
> - goto out;
> + goto out_free;
> }
> memcpy(creq->ssids[0].ssid, wreq->essid, wreq->essid_len);
> creq->ssids[0].ssid_len = wreq->essid_len;
> @@ -717,6 +717,9 @@ int cfg80211_wext_siwscan(struct net_device *dev,
> out:
> cfg80211_unlock_rdev(rdev);
> return err;
> +out_free:
> + kfree(creq);
> + goto out;
> }
> EXPORT_SYMBOL_GPL(cfg80211_wext_siwscan);
>
This last part looks a bit strange. Why don't you put out_free label before out label,
and let it continue after the kfree, instead of jumping back to the out label.
---
Gertjan.
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
