| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240501063740.32066-1-johan+linaro@kernel.org>
Date: Wed, 1 May 2024 08:37:40 +0200
From: Johan Hovold <johan+linaro@...nel.org>
To: Marcel Holtmann <marcel@...tmann.org>,
Luiz Augusto von Dentz <luiz.dentz@...il.com>
Cc: linux-bluetooth@...r.kernel.org,
linux-kernel@...r.kernel.org,
Johan Hovold <johan+linaro@...nel.org>,
stable@...r.kernel.org
Subject: [PATCH] Bluetooth: qca: fix firmware check error path
A recent commit fixed the code that parses the firmware files before
downloading them to the controller but introduced a memory leak in case
the sanity checks ever fail.
Make sure to free the firmware buffer before returning on errors.
Fixes: 6fb81c405bfa ("Bluetooth: qca: add missing firmware sanity checks")
Cc: stable@...r.kernel.org # 4.19
Signed-off-by: Johan Hovold <johan+linaro@...nel.org>
---
drivers/bluetooth/btqca.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Luiz,
Sorry for not catching this before posting v2.
Feel to free to squash this fix into commit 6fb81c405bfa ("Bluetooth:
qca: add missing firmware sanity checks") in the bluetooth-next branch
if you prefer.
Note that the commit id in the Fixes tag above won't match if you cherry
pick both commits to the fixes branch.
Johan
diff --git a/drivers/bluetooth/btqca.c b/drivers/bluetooth/btqca.c
index 125f140e012a..59e384fa1a0c 100644
--- a/drivers/bluetooth/btqca.c
+++ b/drivers/bluetooth/btqca.c
@@ -676,7 +676,7 @@ static int qca_download_firmware(struct hci_dev *hdev,
ret = qca_tlv_check_data(hdev, config, data, size, soc_type);
if (ret)
- return ret;
+ goto out;
segment = data;
remain = size;
--
2.43.2
Powered by blists - more mailing lists