projects / GitHub / LineageOS / G12 / android_kernel_amlogic_linux-4.9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 84b5cb4)
nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
authorShang XiaoJing <shangxiaojing@huawei.com>
Thu, 27 Oct 2022 14:03:31 +0000 (22:03 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 10 Nov 2022 14:46:05 +0000 (15:46 +0100)
[ Upstream commit 3a146b7e3099dc7cf3114f627d9b79291e2d2203 ]

s3fwrn5_nci_send() will call s3fwrn5_i2c_write() or s3fwrn82_uart_write(),
and free the skb if write() failed. However, even if the write() run
succeeds, the skb will not be freed in write(). As the result, the skb
will memleak. s3fwrn5_nci_send() should also free the skb when write()
succeeds.

Fixes: c04c674fadeb ("nfc: s3fwrn5: Add driver for Samsung S3FWRN5 NFC Chip")
Signed-off-by: Shang XiaoJing <shangxiaojing@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/nfc/s3fwrn5/core.c patch | blob | blame | history

diff --git a/drivers/nfc/s3fwrn5/core.c b/drivers/nfc/s3fwrn5/core.c
index 64b58455e620be65a3e9164c2b9bb87c13e5c755..f23a1e4d7e1e72e1de59a43ac4bfe304e2f7eb06 100644 (file)
--- a/drivers/nfc/s3fwrn5/core.c
+++ b/drivers/nfc/s3fwrn5/core.c
@@ -108,11 +108,15 @@ static int s3fwrn5_nci_send(struct nci_dev *ndev, struct sk_buff *skb)
        }
 
        ret = s3fwrn5_write(info, skb);
-       if (ret < 0)
+       if (ret < 0) {
                kfree_skb(skb);
+               mutex_unlock(&info->mutex);
+               return ret;
+       }
 
+       consume_skb(skb);
        mutex_unlock(&info->mutex);
-       return ret;
+       return 0;
 }
 
 static int s3fwrn5_nci_post_setup(struct nci_dev *ndev)