LinuxLists.cc - [PATCH] wifi: ath11k: Fix error handling in ath11k_wmi_p2p_noa

2024-04-15 11:26:08

Subject: [PATCH] wifi: ath11k: Fix error handling in ath11k_wmi_p2p_noa_event()

if (noa_descriptors > WMI_P2P_MAX_NOA_DESCRIPTORS), there is a mix of
return and goto. in such a case, 'ret' should be assigned an error code and
the 'td' should be freed to avoid a memory leak.

While at it, return 'ret' instead of 0 in case of error.
This is actually harmless, because the only caller does not handle the
return value.

Fixes: 2408379f15a1 ("wifi: ath11k: implement handling of P2P NoA event")
Signed-off-by: Christophe JAILLET <[email protected]>
---
drivers/net/wireless/ath/ath11k/wmi.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/net/wireless/ath/ath11k/wmi.c b/drivers/net/wireless/ath/ath11k/wmi.c
index c74aa3f95658..589a1b5ec517 100644
--- a/drivers/net/wireless/ath/ath11k/wmi.c
+++ b/drivers/net/wireless/ath/ath11k/wmi.c
@@ -8657,7 +8657,7 @@ static int ath11k_wmi_p2p_noa_event(struct ath11k_base *ab,
const struct wmi_p2p_noa_event *ev;
const struct ath11k_wmi_p2p_noa_info *noa;
struct ath11k *ar;
- int ret, vdev_id;
+ int ret = 0, vdev_id;
u8 noa_descriptors;

tb = ath11k_wmi_tlv_parse_alloc(ab, skb, GFP_ATOMIC);
@@ -8682,7 +8682,7 @@ static int ath11k_wmi_p2p_noa_event(struct ath11k_base *ab,
if (noa_descriptors > WMI_P2P_MAX_NOA_DESCRIPTORS) {
ath11k_warn(ab, "invalid descriptor num %d in P2P NoA event\n",
noa_descriptors);
- return -EINVAL;
+ ret = -EINVAL;
goto out;
}

@@ -8705,7 +8705,7 @@ static int ath11k_wmi_p2p_noa_event(struct ath11k_base *ab,
rcu_read_unlock();
out:
kfree(tb);
- return 0;
+ return ret;
}

static void ath11k_wmi_tlv_op_rx(struct ath11k_base *ab, struct sk_buff *skb)
--
2.44.0

2024-04-15 16:19:03

by Jeff Johnson

[permalink] [raw]

Subject: Re: [PATCH] wifi: ath11k: Fix error handling in ath11k_wmi_p2p_noa_event()

On 4/15/2024 4:23 AM, Christophe JAILLET wrote:
> if (noa_descriptors > WMI_P2P_MAX_NOA_DESCRIPTORS), there is a mix of
> return and goto. in such a case, 'ret' should be assigned an error code and
> the 'td' should be freed to avoid a memory leak.
>
> While at it, return 'ret' instead of 0 in case of error.
> This is actually harmless, because the only caller does not handle the
> return value.

in that case it would be preferable to change this to be a void function and
not return anything. that would be consistent with most, if not all, of the
other event handlers