RE: [patch 3/4] mwifiex: prevent corruption instead of just warning

Bing Zhao <bzhao@xxxxxxxxxxx> · Tue, 18 Oct 2011 11:27:44 -0700

Hi Johannes,

Thanks for your comment.

> -----Original Message-----
> From: Johannes Berg [mailto:johannes@xxxxxxxxxxxxxxxx]
> Sent: Tuesday, October 18, 2011 11:23 AM
> To: Bing Zhao
> Cc: Dan Carpenter; John W. Linville; linux-wireless@xxxxxxxxxxxxxxx; kernel-janitors@xxxxxxxxxxxxxxx
> Subject: RE: [patch 3/4] mwifiex: prevent corruption instead of just warning
> 
> On Tue, 2011-10-18 at 11:19 -0700, Bing Zhao wrote:
> 
> > > @@ -1228,9 +1228,11 @@ static int mwifiex_pcie_event_complete(struct mwifiex_adapter *adapter,
> > >  	if (!skb)
> > >  		return 0;
> > >
> > > -	if (rdptr >= MWIFIEX_MAX_EVT_BD)
> > > +	if (rdptr >= MWIFIEX_MAX_EVT_BD) {
> > >  		dev_err(adapter->dev, "event_complete: Invalid rdptr 0x%x\n",
> > >  					rdptr);
> > > +		return -EINVAL;
> >
> > Instead of returning directly, we should set the error code and go through the error handling:
> > 		ret = -EINVAL;
> > 		goto done;
> 
> Are you sure? You don't go to error handling a few lines earlier.

The error handling will free the skb. If skb is NULL there is no need to free.

Thanks,
Bing

> 
> johannes

��.n��������+%������w��{.n�����{���zW����ܨ}���Ơz�j:+v�����w����ޙ��&�)ߡ�a����z�ޗ���ݢj��w�f