Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp67141pxk;
        Fri, 11 Sep 2020 00:02:29 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwBuSI5uLABMJX52fNkShUk6DvmfjKRTJx4t0PPNIx5KplP8JvS/5WnDrL3R5aiV0CsAbIs
X-Received: by 2002:a17:907:94cf:: with SMTP id dn15mr742346ejc.114.1599807749521;
        Fri, 11 Sep 2020 00:02:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1599807749; cv=none;
        d=google.com; s=arc-20160816;
        b=maeJlk4K4dcuLwi/T68skQE5I7TFXnoXdM7RiAU1og2zPQf5iD8JVsUdHOyP7sChxV
         2BV6dksJVYEjda3Tf3jvXUSF3JSiwwRBnKXoUSLdOCELXaCuGwc+SJEJBNjBwUM8qK/4
         H4gFlhtjRnQnWNRAM+4Q7lP7056obAbP2DJBAMzxr0c9W/uA+Z013v5fs/O/d5R2b9eK
         Yb1lLKiaGkXFK5QrynXGxDA+ycFKjBfLqtOmZ5dEDIAycf6yxFNg5MaTaq3G6W50WNqy
         RrXZJhcwdGfSA29XkSnKcq6xCdJH7RonNQmwiAtSPIlpOhqkjV8Sp6ucG035C9c7m0v5
         63rA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:to:references:message-id
         :content-transfer-encoding:cc:date:in-reply-to:from:subject
         :mime-version;
        bh=tlXHpkI6oNjM9O4KLym7yLKa1FgMdVBYh5fJ+Aupru8=;
        b=QNgr8ZyYLAxTWw6rNegugwYDh5/Ps+G+cu6V4KLzXYqvY1uoyppIkjH73gWlEB9qfc
         CEj10MsMxssamJCStiFZY8SKe6pQ0AXK0a4bCzfe2ZgfcljWL2IuljGgmfMO+CIyBHPG
         ELSpkkkqQZwQ3OsfkEVDo+nf0V64s058oWW5iHd8aNnSn60WLYnuqEwsV7WPj5OoNj02
         wzEoXyDucDjZgBe09HMbNHTgezLC00HrcoSduK1LrUj9SOdmAGtfKkLGorIl44FDERev
         qW51S0ziLxkK5zYIQvUF/bIEXVCvnRX8q//ZblV81H9WTaYrEaIMJVwlGVMrjNPxYrIX
         DbhA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Return-Path: <linux-bluetooth-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id c11si762566ejb.541.2020.09.11.00.02.05;
        Fri, 11 Sep 2020 00:02:29 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1725730AbgIKHCD convert rfc822-to-8bit (ORCPT
        <rfc822;martin.roesch79@gmail.com> + 99 others);
        Fri, 11 Sep 2020 03:02:03 -0400
Received: from coyote.holtmann.net ([212.227.132.17]:42917 "EHLO
        mail.holtmann.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725468AbgIKHCB (ORCPT
        <rfc822;linux-bluetooth@vger.kernel.org>);
        Fri, 11 Sep 2020 03:02:01 -0400
Received: from marcel-macbook.fritz.box (p4ff9f430.dip0.t-ipconnect.de [79.249.244.48])
        by mail.holtmann.org (Postfix) with ESMTPSA id 530AECED19;
        Fri, 11 Sep 2020 09:08:55 +0200 (CEST)
Content-Type: text/plain;
        charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\))
Subject: Re: [Linux-kernel-mentees] [PATCH v2] Bluetooth: Fix memory leak in
 read_adv_mon_features()
From:   Marcel Holtmann <marcel@holtmann.org>
In-Reply-To: <20200909072551.1101031-1-yepeilin.cs@gmail.com>
Date:   Fri, 11 Sep 2020 09:01:59 +0200
Cc:     Johan Hedberg <johan.hedberg@gmail.com>,
        Miao-chen Chou <mcchou@chromium.org>,
        "David S. Miller" <davem@davemloft.net>,
        Jakub Kicinski <kuba@kernel.org>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        linux-bluetooth <linux-bluetooth@vger.kernel.org>,
        open list <linux-kernel@vger.kernel.org>,
        linux-kernel-mentees@lists.linuxfoundation.org,
        syzkaller-bugs@googlegroups.com
Content-Transfer-Encoding: 8BIT
Message-Id: <15999FE1-5227-4D55-8E3C-39142725FDA5@holtmann.org>
References: <20200908200635.1099360-1-yepeilin.cs@gmail.com>
 <20200909072551.1101031-1-yepeilin.cs@gmail.com>
To:     Peilin Ye <yepeilin.cs@gmail.com>
X-Mailer: Apple Mail (2.3608.120.23.2.1)
Sender: linux-bluetooth-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-bluetooth.vger.kernel.org>
X-Mailing-List: linux-bluetooth@vger.kernel.org

Hi Peilin,

> read_adv_mon_features() is leaking memory. Free `rp` before returning.
> 
> Fixes: e5e1e7fd470c ("Bluetooth: Add handler of MGMT_OP_READ_ADV_MONITOR_FEATURES")
> Reported-and-tested-by: syzbot+f7f6e564f4202d8601c6@syzkaller.appspotmail.com
> Link: https://syzkaller.appspot.com/bug?extid=f7f6e564f4202d8601c6
> Signed-off-by: Peilin Ye <yepeilin.cs@gmail.com>
> ---
> I forgot the "Link:" tag yesterday. Sorry about that.
> 
> Change in v2:
>    - add a proper "Link:" tag.
> 
> net/bluetooth/mgmt.c | 12 ++++++++----
> 1 file changed, 8 insertions(+), 4 deletions(-)

patch has been applied to bluetooth-next tree.

Regards

Marcel