[PATCH] Don't double free cfg struct if netlink_init fails

Pontus Fuchs pontus.fuchs at gmail.com
Wed Nov 21 05:18:54 EST 2012


If netlink_init fails on socket create or bind, the cfg struct
provided as parameter is freed by netlink_init. Callers of
netlink_init also free this struct on their error paths, leading
to double free.

Signed-off-by: Pontus Fuchs <pontus.fuchs at gmail.com>
---
 src/drivers/netlink.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/drivers/netlink.c b/src/drivers/netlink.c
index dd662f3..76b3f30 100644
--- a/src/drivers/netlink.c
+++ b/src/drivers/netlink.c
@@ -97,7 +97,6 @@ struct netlink_data * netlink_init(struct netlink_config *cfg)
 	if (netlink == NULL)
 		return NULL;
 
-	netlink->cfg = cfg;
 
 	netlink->sock = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
 	if (netlink->sock < 0) {
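Review bot: With `netlink->cfg = cfg;` removed ahead of the `socket()` call, the failure branch that starts at `if (netlink->sock < 0) {` only avoids freeing the caller's struct if `netlink->cfg` is NULL at that point, and that depends on the allocation above this hunk zero-initialising `netlink`, which is not visible here. Please confirm that, or set `netlink->cfg = NULL` explicitly, so the cleanup path cannot act on an uninitialised pointer. As a style point, deleting the assignment leaves two consecutive blank lines before the `socket()` call; drop one of them.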
@@ -118,6 +117,7 @@ struct netlink_data * netlink_init(struct netlink_config *cfg)
 		return NULL;
 	}
 
+	netlink->cfg = cfg;
 	eloop_register_read_sock(netlink->sock, netlink_receive, netlink,
 				 NULL);
 
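Review bot: The new `netlink->cfg = cfg;` placement after the last `return NULL;` makes ownership of `cfg` conditional on success, but nothing in the code says so. Add a comment at the assignment, or in the function's header comment, stating that `netlink_init` takes ownership of `cfg` only when it returns non-NULL and that callers must free `cfg` themselves on a NULL return; otherwise a later change that moves the assignment back up would silently reintroduce the double free described in the commit message. It is also worth checking that nothing between the old and new positions reads `netlink->cfg`, since it is now unset for that whole stretch.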
-- 
1.7.9.5


