[PATCHv2] Fix a couple memory leaks

Paul Stewart pstew at google.com
Fri Jun 8 13:31:00 EDT 2012


On Fri, Jun 8, 2012 at 10:23 AM, Jouni Malinen <j at w1.fi> wrote:
> On Wed, Jun 06, 2012 at 07:00:33PM -0700, Paul Stewart wrote:
>> diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
>> @@ -8397,18 +8397,19 @@ static int nl80211_signal_monitor(void *priv, int threshold, int hysteresis)
>>       NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_THOLD, threshold);
>
> Please note that NLA_PUT_U32 can jump to nla_put_failure.
>
>>       NLA_PUT_U32(cqm, NL80211_ATTR_CQM_RSSI_HYST, hysteresis);
>>       nla_put_nested(msg, NL80211_ATTR_CQM, cqm);
>>
>> +     nlmsg_free(cqm);
>
> This looks fine, but..
>
>>       if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
>>               return 0;
>>       msg = NULL;
>>
>>  nla_put_failure:
>> -     nlmsg_free(cqm);
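
Review bot: With nlmsg_free(cqm) removed from under nla_put_failure at the end of this hunk, the two NLA_PUT_U32(cqm, ...) calls earlier in the hunk can still jump to that label, and on that path cqm is never freed. Keep a free of cqm reachable from the label, for example by setting cqm = NULL after the new nlmsg_free(cqm) and leaving nlmsg_free(cqm) under nla_put_failure, as the msg = NULL line before the label appears to do for msg. The return value of nla_put_nested() is also not checked in the lines shown.
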
>
> this does not.. There is at least a theoretical possibility of
> NLA_PUT_U32 using goto to skip that nlmsg_free(cqm) above.

Wow!  That's an eye opener.  Will send a new patch.


>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
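
The hidden-goto leak discussed in this thread, reduced to a stand-alone C example that is added here and is not hostap or libnl code. `buf_alloc`, `buf_free`, `buf_put`, `PUT`, `leaked_by` and both `build_*` functions are constructed stand-ins, and `build_fixed` shows one possible repair, not the patch that was later sent.

```c
#include <stdio.h>

/* Constructed stand-ins for the netlink buffers (not libnl); live = not yet freed. */
struct buf { int used, cap; };
static struct buf pool[64];
static int next_slot, live;

static struct buf *buf_alloc(int cap) {
    if (next_slot == 64) return NULL;
    pool[next_slot] = (struct buf){ 0, cap };
    live++;
    return &pool[next_slot++];
}
static void buf_free(struct buf *b) { if (b) live--; }
static int buf_put(struct buf *b) { return b->used < b->cap ? (b->used++, 0) : -1; }

/* Like NLA_PUT_U32 in the thread: the macro hides a goto into the caller. */
#define PUT(b) do { if (buf_put(b) < 0) goto put_failure; } while (0)

/* Shape of the patch as reviewed: cqm is freed only on the straight-line path. */
static int build_leaky(int cqm_cap) {
    struct buf *msg = buf_alloc(4), *cqm = buf_alloc(cqm_cap);
    int ret = -1;
    if (!msg || !cqm) { buf_free(cqm); goto put_failure; }
    PUT(cqm);      /* threshold */
    PUT(cqm);      /* hysteresis: fails when cqm_cap < 2 */
    PUT(msg);      /* stands in for nesting cqm into msg */
    buf_free(cqm);
    ret = 0;
put_failure:
    buf_free(msg);
    return ret;
}

/* One possible fix: keep the early free, clear the pointer, free at the label too. */
static int build_fixed(int cqm_cap) {
    struct buf *msg = buf_alloc(4), *cqm = buf_alloc(cqm_cap);
    int ret = -1;
    if (!msg || !cqm) goto put_failure;
    PUT(cqm); PUT(cqm); PUT(msg);
    buf_free(cqm);
    cqm = NULL;    /* makes the free under the label a no-op on success */
    ret = 0;
put_failure:
    buf_free(cqm);
    buf_free(msg);
    return ret;
}
/* leaked_by: buffers still live after one call of fn(cap). */
static int leaked_by(int (*fn)(int), int cap) { int b = live; fn(cap); return live - b; }
int main(void) { printf("%d %d\n", leaked_by(build_leaky, 1), leaked_by(build_fixed, 1)); return 0; }
```
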

