On Wednesday 16 February 2022 12:29:50 CET [email protected] wrote:
> From: Xiaoke Wang <[email protected]>
>
> devm_kmalloc() returns a pointer to allocated memory on success, NULL
> on failure. While there is a memory allocation of devm_kmalloc()
> without proper check. It is better to check the return value of it to
> prevent wrong memory access.
>
> Signed-off-by: Xiaoke Wang <[email protected]>
> ---
> drivers/staging/wfx/main.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/staging/wfx/main.c b/drivers/staging/wfx/main.c
> index 4b9fdf9..0ef9225 100644
> --- a/drivers/staging/wfx/main.c
> +++ b/drivers/staging/wfx/main.c
> @@ -294,6 +294,8 @@ struct wfx_dev *wfx_init_common(struct device *dev,
> hw->wiphy->n_iface_combinations = ARRAY_SIZE(wfx_iface_combinations);
> hw->wiphy->iface_combinations = wfx_iface_combinations;
> hw->wiphy->bands[NL80211_BAND_2GHZ] = devm_kmalloc(dev, sizeof(wfx_band_2ghz), GFP_KERNEL);
> + if (!hw->wiphy->bands[NL80211_BAND_2GHZ])
> + return NULL;
> // FIXME: also copy wfx_rates and wfx_2ghz_chantable
> memcpy(hw->wiphy->bands[NL80211_BAND_2GHZ], &wfx_band_2ghz,
> sizeof(wfx_band_2ghz));
> --
>
Good catch! However, I think you should call ieee80211_free_hw(hw)
before to return.
While reviewing your code, I have noticed that all the error handlers
of this function return without calling ieee80211_free_hw(hw).
--
J?r?me Pouiller