| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220331063733.GJ3293@kadam>
Date: Thu, 31 Mar 2022 09:37:33 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: xkernel.wang@...mail.com
Cc: Larry.Finger@...inger.net, phil@...lpotter.co.uk,
gregkh@...uxfoundation.org, linux-staging@...ts.linux.dev,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] staging: r8188eu: properly handle the kzalloc()
On Wed, Mar 30, 2022 at 11:16:07PM +0800, xkernel.wang@...mail.com wrote:
> diff --git a/drivers/staging/r8188eu/core/rtw_p2p.c b/drivers/staging/r8188eu/core/rtw_p2p.c
> index e2b6cf2..f1a5df8 100644
> --- a/drivers/staging/r8188eu/core/rtw_p2p.c
> +++ b/drivers/staging/r8188eu/core/rtw_p2p.c
> @@ -27,15 +27,14 @@ static u32 go_add_group_info_attr(struct wifidirect_info *pwdinfo, u8 *pbuf)
> struct list_head *phead, *plist;
> u32 len = 0;
> u16 attr_len = 0;
> - u8 tmplen, *pdata_attr, *pstart, *pcur;
> + u8 pdata_attr[MAX_P2P_IE_LEN] = { 0x00 };
> + u8 tmplen, *pstart, *pcur;
> struct sta_info *psta = NULL;
> struct adapter *padapter = pwdinfo->padapter;
> struct sta_priv *pstapriv = &padapter->stapriv;
>
> DBG_88E("%s\n", __func__);
>
> - pdata_attr = kzalloc(MAX_P2P_IE_LEN, GFP_KERNEL);
> -
> pstart = pdata_attr;
> pcur = pdata_attr;
>
> @@ -106,7 +105,6 @@ static u32 go_add_group_info_attr(struct wifidirect_info *pwdinfo, u8 *pbuf)
> if (attr_len > 0)
> len = rtw_set_p2p_attr_content(pbuf, P2P_ATTR_GROUP_INFO, attr_len, pdata_attr);
>
> - kfree(pdata_attr);
> return len;
> }
>
This part is fine. This change is can be pulled into a separate patch
and reviewed by itself.
> diff --git a/drivers/staging/r8188eu/core/rtw_xmit.c b/drivers/staging/r8188eu/core/rtw_xmit.c
> index 46fe62c..5888979 100644
> --- a/drivers/staging/r8188eu/core/rtw_xmit.c
> +++ b/drivers/staging/r8188eu/core/rtw_xmit.c
> @@ -179,7 +179,9 @@ s32 _rtw_init_xmit_priv(struct xmit_priv *pxmitpriv, struct adapter *padapter)
>
> pxmitpriv->free_xmit_extbuf_cnt = num_xmit_extbuf;
>
> - rtw_alloc_hwxmits(padapter);
> + res = rtw_alloc_hwxmits(padapter);
> + if (res == _FAIL)
> + goto exit;
There needs to be some cleanup if rtw_alloc_hwxmits() fails.
> rtw_init_hwxmits(pxmitpriv->hwxmits, pxmitpriv->hwxmit_entry);
>
> for (i = 0; i < 4; i++)
> @@ -202,7 +204,6 @@ s32 _rtw_init_xmit_priv(struct xmit_priv *pxmitpriv, struct adapter *padapter)
> rtw_hal_init_xmit_priv(padapter);
>
> exit:
> -
> return res;
This whitespace change has nothing to do with allocating memory. Leave
it out.
> }
>
> @@ -1516,7 +1517,7 @@ s32 rtw_xmit_classifier(struct adapter *padapter, struct xmit_frame *pxmitframe)
> return res;
> }
>
> -void rtw_alloc_hwxmits(struct adapter *padapter)
> +s32 rtw_alloc_hwxmits(struct adapter *padapter)
> {
> struct hw_xmit *hwxmits;
> struct xmit_priv *pxmitpriv = &padapter->xmitpriv;
> @@ -1525,6 +1526,9 @@ void rtw_alloc_hwxmits(struct adapter *padapter)
>
> pxmitpriv->hwxmits = kzalloc(sizeof(struct hw_xmit) * pxmitpriv->hwxmit_entry, GFP_KERNEL);
>
> + if (!pxmitpriv->hwxmits)
Don't leave a blank line between the allocation and the check.
> + return _FAIL;
> +
> hwxmits = pxmitpriv->hwxmits;
>
> if (pxmitpriv->hwxmit_entry == 5) {
regards,
dan carpenter
Powered by blists - more mailing lists