Commit e0c49319 authored by Christian Engelmayer's avatar Christian Engelmayer Committed by Greg Kroah-Hartman
Browse files

staging: rtl8188eu: fix potential leak in rtw_set_key() 



Fix a potential leak in the error path of rtw_set_key(). In case the requested
algorithm is not supported by the driver, the function returns without
enqueuing or freeing the already allocated command and parameter structs. Use
a centralized exit path and make sure that all memory is freed correctly.
Detected by Coverity - CID 1077716, 1077717.

Signed-off-by: default avatarChristian Engelmayer <cengelma@gmx.at>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent c60a9607

drivers/staging/rtl8188eu/core/rtw_mlme.c

+11 −8
Original line number Diff line number Diff line
@@ -1727,15 +1727,13 @@ int rtw_set_key(struct adapter *adapter, struct security_priv *psecuritypriv, in 
	int	res = _SUCCESS;



	pcmd = (struct	cmd_obj *)rtw_zmalloc(sizeof(struct	cmd_obj));

	if (pcmd == NULL) {

		res = _FAIL;  /* try again */

		goto exit;

	}

	if (pcmd == NULL)

		return _FAIL;  /* try again */



	psetkeyparm = (struct setkey_parm *)rtw_zmalloc(sizeof(struct setkey_parm));

	if (psetkeyparm == NULL) {

		kfree(pcmd);

		res = _FAIL;

		goto exit;

		goto err_free_cmd;

	}



	_rtw_memset(psetkeyparm, 0, sizeof(struct setkey_parm));
@@ -1784,7 +1782,7 @@ int rtw_set_key(struct adapter *adapter, struct security_priv *psecuritypriv, in 
			 ("\n rtw_set_key:psecuritypriv->dot11PrivacyAlgrthm=%x (must be 1 or 2 or 4 or 5)\n",

			 psecuritypriv->dot11PrivacyAlgrthm));

		res = _FAIL;

		goto exit;

		goto err_free_parm;

	}

	pcmd->cmdcode = _SetKey_CMD_;

	pcmd->parmbuf = (u8 *)psetkeyparm;
@@ -1793,7 +1791,12 @@ int rtw_set_key(struct adapter *adapter, struct security_priv *psecuritypriv, in 
	pcmd->rspsz = 0;

	_rtw_init_listhead(&pcmd->list);

	res = rtw_enqueue_cmd(pcmdpriv, pcmd);

exit:

	return res;



err_free_parm:

	kfree(psetkeyparm);

err_free_cmd:

	kfree(pcmd);

	return res;

}

CRA Git | Maintained and supported by SUSTech CRA and CCSE