Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp3659318pxm; Tue, 1 Mar 2022 02:54:14 -0800 (PST) X-Google-Smtp-Source: ABdhPJyF10+y1VUww9Y7X1vvD9ekihkaTJgQIjG/sNqiwa6pAcrWAws1JfIxAM3P0JRCBfHyvCT7 X-Received: by 2002:a05:6402:236c:b0:413:5d5e:4492 with SMTP id a12-20020a056402236c00b004135d5e4492mr23100579eda.18.1646132054493; Tue, 01 Mar 2022 02:54:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1646132054; cv=none; d=google.com; s=arc-20160816; b=dEY8L8sD8Xqsr0QWklmuCMZ2UpwO2IOupRaFjNBPeq38sOxscnEWHqERcXezVC4+dG Vyux61OKK5NYGhW1FKtKs3rdOJJ8cjC+3+MhZ1ihxNWCSPFIb/RW6t33K7wnSIVJ4Hk1 Gbpe3eeXLpFInyLxDr61ScFdPfF+iJo0M3gXRc1ghp7V/q8UN0lGs83h0DfK6KYkZJFu HH8jLuRVPxnSY7R5wOJpjElPRWqlcnFW6KTII0vH3k1XIgX/YkJOtgKCeDRpk1b4SAe5 x7k/ppgvTcECYwlaZguv6MCVihEpbHZGQN82//HZ4+lft/+c9iZKqOrsLRq4ArQxSqdT fi7A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=SkEdyKKpTa1oOYftq/i2t/9szgfHFLSalLoHamfUkvg=; b=X8v+ftq11UA6Sa6nQf2Vir+FT5mDvXJV89IdSCXOl4aEyO78XQISXX7ZpFTMkegDRX /WC+cncIytZtUdsuPdXiG6YV7iUDw4uVVjMSFdJEKFUw3be83RdvUBDGAXjhoOWS+FRX ypUZPZxyoJL7F75z3jMsT4oEhoQAAzmbkW/Y7li2unSGuy2pThxB7ZYYZnb6QMWt9Gtx mdLbYHiyuupIMuiwvdEvTV6UQl7L34Q1XRmORtJQ1DX5mZbWJDHTpBJBWTEUBSVvIPfL 4C6VNjzcVNOEjSUrzkM6u6JFz67vULnR5U/bUxNNCqAeAcY7NKntIsc6GCt1Xb/D4MTQ nVvg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w16-20020a1709061f1000b006d1240c3431si7391368ejj.896.2022.03.01.02.53.49; Tue, 01 Mar 2022 02:54:14 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234090AbiCAKBS (ORCPT + 99 others); Tue, 1 Mar 2022 05:01:18 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35142 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233239AbiCAKBQ (ORCPT ); Tue, 1 Mar 2022 05:01:16 -0500 Received: from cstnet.cn (smtp84.cstnet.cn [159.226.251.84]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id F0DC78C7FA; Tue, 1 Mar 2022 02:00:33 -0800 (PST) Received: from localhost.localdomain (unknown [124.16.138.126]) by APP-05 (Coremail) with SMTP id zQCowAAnCPG27h1i3OLYAQ--.4914S2; Tue, 01 Mar 2022 18:00:23 +0800 (CST) From: Jiasheng Jiang To: johannes@sipsolutions.net, davem@davemloft.net, kuba@kernel.org Cc: linux-wireless@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Jiasheng Jiang Subject: [PATCH] wireless/nl80211: Handle errors for nla_memdup Date: Tue, 1 Mar 2022 18:00:20 +0800 Message-Id: <20220301100020.3801187-1-jiasheng@iscas.ac.cn> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-CM-TRANSID: zQCowAAnCPG27h1i3OLYAQ--.4914S2 X-Coremail-Antispam: 1UD129KBjvdXoWrZr4DCw1kCF1UXF1ftr4rGrg_yoWDKrb_CF WvqF1Ut3W8Aa1Fga4xCrs0ya92kw48Jr4fWwnIgF9rA345JrZa9F1FvF95Ga45Cry09rW5 Gw1DKr1xtwnxWjkaLaAFLSUrUUUUUb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT 9fnUUIcSsGvfJTRUUUbzxFF20E14v26r4j6ryUM7CY07I20VC2zVCF04k26cxKx2IYs7xG 6rWj6s0DM7CIcVAFz4kK6r1j6r18M28lY4IEw2IIxxk0rwA2F7IY1VAKz4vEj48ve4kI8w A2z4x0Y4vE2Ix0cI8IcVAFwI0_JFI_Gr1l84ACjcxK6xIIjxv20xvEc7CjxVAFwI0_Gr0_ Cr1l84ACjcxK6I8E87Iv67AKxVWxJr0_GcWl84ACjcxK6I8E87Iv6xkF7I0E14v26rxl6s 0DM2AIxVAIcxkEcVAq07x20xvEncxIr21l5I8CrVACY4xI64kE6c02F40Ex7xfMcIj6xII jxv20xvE14v26r1j6r18McIj6I8E87Iv67AKxVWUJVW8JwAm72CE4IkC6x0Yz7v_Jr0_Gr 1lF7xvr2IYc2Ij64vIr41lF7I21c0EjII2zVCS5cI20VAGYxC7MxAIw28IcxkI7VAKI48J MxC20s026xCaFVCjc4AY6r1j6r4UMI8I3I0E5I8CrVAFwI0_Jr0_Jr4lx2IqxVCjr7xvwV AFwI0_JrI_JrWlx4CE17CEb7AF67AKxVWUAVWUtwCIc40Y0x0EwIxGrwCI42IY6xIIjxv2 0xvE14v26r1j6r1xMIIF0xvE2Ix0cI8IcVCY1x0267AKxVWUJVW8JwCI42IY6xAIw20EY4 v20xvaj40_Wr1j6rW3Jr1lIxAIcVC2z280aVAFwI0_Jr0_Gr1lIxAIcVC2z280aVCY1x02 67AKxVW8JVW8JrUvcSsGvfC2KfnxnUUI43ZEXa7VUbXdbUUUUUU== X-Originating-IP: [124.16.138.126] X-CM-SenderInfo: pmld2xxhqjqxpvfd2hldfou0/ X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org As the potential failure of the nla_memdup(), it should be better to check it, as same as kmemdup(). Fixes: a442b761b24b ("cfg80211: add add_nan_func / del_nan_func") Signed-off-by: Jiasheng Jiang --- net/wireless/nl80211.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 578bff9c378b..b1909ce2b739 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -13411,6 +13411,9 @@ static int handle_nan_filter(struct nlattr *attr_filter, i = 0; nla_for_each_nested(attr, attr_filter, rem) { filter[i].filter = nla_memdup(attr, GFP_KERNEL); + if (!filter[i].filter) + goto err; + filter[i].len = nla_len(attr); i++; } @@ -13423,6 +13426,15 @@ static int handle_nan_filter(struct nlattr *attr_filter, } return 0; + +err: + i = 0; + nla_for_each_nested(attr, attr_filter, rem) { + kfree(filter[i].filter); + i++; + } + kfree(filter); + return -ENOMEM; } static int nl80211_nan_add_func(struct sk_buff *skb, -- 2.25.1