| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251028175632.146460-1-nihaal@cse.iitm.ac.in>
Date: Tue, 28 Oct 2025 23:26:30 +0530
From: Abdun Nihaal <nihaal@....iitm.ac.in>
To: marcel@...tmann.org
Cc: Abdun Nihaal <nihaal@....iitm.ac.in>,
luiz.dentz@...il.com,
linux-bluetooth@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH] Bluetooth: btrtl: Fix memory leak in rtlbt_parse_firmware_v2()
The memory allocated for ptr using kvmalloc() is not freed on the last
error path. Fix that by freeing it on that error path.
Fixes: 9a24ce5e29b1 ("Bluetooth: btrtl: Firmware format v2 support")
Signed-off-by: Abdun Nihaal <nihaal@....iitm.ac.in>
---
Compile tested only. Issue found using static analysis.
drivers/bluetooth/btrtl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/bluetooth/btrtl.c b/drivers/bluetooth/btrtl.c
index 6abd962502e3..1d4a7887abcc 100644
--- a/drivers/bluetooth/btrtl.c
+++ b/drivers/bluetooth/btrtl.c
@@ -625,8 +625,10 @@ static int rtlbt_parse_firmware_v2(struct hci_dev *hdev,
len += entry->len;
}
- if (!len)
+ if (!len) {
+ kvfree(ptr);
return -EPERM;
+ }
*_buf = ptr;
return len;
--
2.43.0
Powered by blists - more mailing lists