LinuxLists.cc - [PATCH 1/2] nl80211: don't return err unconditionally in nl80211_start

2020-06-26 11:41:55

Subject: [PATCH 1/2] nl80211: don't return err unconditionally in nl80211_start_ap()

From: Luca Coelho <[email protected]>

When a memory leak was fixed, a return err was changed to goto err,
but, accidentally, the if (err) was removed, so now we always exit at
this point.

Fix it by adding if (err) back.

Fixes: 9951ebfcdf2b ("nl80211: fix potential leak in AP start")
Signed-off-by: Luca Coelho <[email protected]>
---
net/wireless/nl80211.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 263ae395ad44..f31698fd4a7e 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -5016,7 +5016,8 @@ static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
err = nl80211_parse_he_obss_pd(
info->attrs[NL80211_ATTR_HE_OBSS_PD],
&params.he_obss_pd);
- goto out;
+ if (err)
+ goto out;
}

if (info->attrs[NL80211_ATTR_HE_BSS_COLOR]) {
--
2.27.0

2020-06-26 11:41:55

by Luca Coelho

[permalink] [raw]

Subject: [PATCH 2/2] nl80211: fix memory leak when parsing NL80211_ATTR_HE_BSS_COLOR

From: Luca Coelho <[email protected]>

If there is an error when parsing the NL80211_ATTR_HE_BSS_COLOR
attribute, we return immediately without freeing param.acl. Fit it by
using goto out instead of returning immediately.

Fixes: 5c5e52d1bb96 ("nl80211: add handling for BSS color")
Signed-off-by: Luca Coelho <[email protected]>
---
net/wireless/nl80211.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index f31698fd4a7e..0e07fb8585fb 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -5025,7 +5025,7 @@ static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
info->attrs[NL80211_ATTR_HE_BSS_COLOR],
&params.he_bss_color);
if (err)
- return err;
+ goto out;
}

nl80211_calculate_ap_params(&params);
--
2.27.0

2020-06-26 12:02:36

by John Crispin

[permalink] [raw]

Subject: Re: [PATCH 2/2] nl80211: fix memory leak when parsing NL80211_ATTR_HE_BSS_COLOR

On 26.06.20 11:49, Luca Coelho wrote:
> From: Luca Coelho <[email protected]>
>
> If there is an error when parsing the NL80211_ATTR_HE_BSS_COLOR
> attribute, we return immediately without freeing param.acl. Fit it by
> using goto out instead of returning immediately.
>
> Fixes: 5c5e52d1bb96 ("nl80211: add handling for BSS color")
> Signed-off-by: Luca Coelho <[email protected]>

Acked-by: John Crispin <[email protected]>

Thanks !

> ---
> net/wireless/nl80211.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
> index f31698fd4a7e..0e07fb8585fb 100644
> --- a/net/wireless/nl80211.c
> +++ b/net/wireless/nl80211.c
> @@ -5025,7 +5025,7 @@ static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
> info->attrs[NL80211_ATTR_HE_BSS_COLOR],
> &params.he_bss_color);
> if (err)
> - return err;
> + goto out;
> }
>
> nl80211_calculate_ap_params(&params);