projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 07b99cf)
Staging: bcm: fix possible memory leak of 'pstAddIndication' in CmHost.c and removes...
authorKevin McKinney <klmckinney1@gmail.com>
Fri, 2 Mar 2012 05:17:04 +0000 (00:17 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 3 Mar 2012 00:36:55 +0000 (16:36 -0800)
Memory is being allocated by kmalloc and stored in
variable pstAddIndication.  However, this memory is
not being freed in all cases. Therefore, this patch
frees it on several exit paths. This patch also
removes a whitespace.

Signed-off-by: Kevin McKinney <klmckinney1@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/staging/bcm/CmHost.c patch | blob | blame | history

diff --git a/drivers/staging/bcm/CmHost.c b/drivers/staging/bcm/CmHost.c
index e332f1e7c11e1195e20ceb104da39d7b0abffb93..7e38af5e1765739b732029f3e4b7943e2eaa707c 100644 (file)
--- a/drivers/staging/bcm/CmHost.c
+++ b/drivers/staging/bcm/CmHost.c
@@ -1399,12 +1399,16 @@ ULONG StoreCmControlResponseMessage(PMINI_ADAPTER Adapter, PVOID pvBuffer, UINT
        /* AUTHORIZED SET */
        pstAddIndication->psfAuthorizedSet = (stServiceFlowParamSI *)
                        GetNextTargetBufferLocation(Adapter, pstAddIndicationAlt->u16TID);
-       if (!pstAddIndication->psfAuthorizedSet)
+       if (!pstAddIndication->psfAuthorizedSet) {
+               kfree(pstAddIndication);
                return 0;
+       }
 
        if (StoreSFParam(Adapter, (PUCHAR)&pstAddIndicationAlt->sfAuthorizedSet,
-                               (ULONG)pstAddIndication->psfAuthorizedSet) != 1)
+                               (ULONG)pstAddIndication->psfAuthorizedSet) != 1) {
+               kfree(pstAddIndication);
                return 0;
+       }
 
        /* this can't possibly be right */
        pstAddIndication->psfAuthorizedSet = (stServiceFlowParamSI *)ntohl((ULONG)pstAddIndication->psfAuthorizedSet);
@@ -1420,6 +1424,7 @@ ULONG StoreCmControlResponseMessage(PMINI_ADAPTER Adapter, PVOID pvBuffer, UINT
                AddRequest.psfParameterSet = pstAddIndication->psfAuthorizedSet;
                (*puBufferLength) = sizeof(stLocalSFAddRequest);
                memcpy(pvBuffer, &AddRequest, sizeof(stLocalSFAddRequest));
+               kfree(pstAddIndication);
                return 1;
        }
 
@@ -1436,20 +1441,28 @@ ULONG StoreCmControlResponseMessage(PMINI_ADAPTER Adapter, PVOID pvBuffer, UINT
        /* ADMITTED SET */
        pstAddIndication->psfAdmittedSet = (stServiceFlowParamSI *)
                GetNextTargetBufferLocation(Adapter, pstAddIndicationAlt->u16TID);
-       if (!pstAddIndication->psfAdmittedSet)
+       if (!pstAddIndication->psfAdmittedSet) {
+               kfree(pstAddIndication);
                return 0;
-       if (StoreSFParam(Adapter, (PUCHAR)&pstAddIndicationAlt->sfAdmittedSet, (ULONG)pstAddIndication->psfAdmittedSet) != 1)
+       }
+       if (StoreSFParam(Adapter, (PUCHAR)&pstAddIndicationAlt->sfAdmittedSet, (ULONG)pstAddIndication->psfAdmittedSet) != 1) {
+               kfree(pstAddIndication);
                return 0;
+       }
 
        pstAddIndication->psfAdmittedSet = (stServiceFlowParamSI *)ntohl((ULONG)pstAddIndication->psfAdmittedSet);
 
        /* ACTIVE SET */
        pstAddIndication->psfActiveSet = (stServiceFlowParamSI *)
                GetNextTargetBufferLocation(Adapter, pstAddIndicationAlt->u16TID);
-       if (!pstAddIndication->psfActiveSet)
+       if (!pstAddIndication->psfActiveSet) {
+               kfree(pstAddIndication);
                return 0;
-       if (StoreSFParam(Adapter, (PUCHAR)&pstAddIndicationAlt->sfActiveSet, (ULONG)pstAddIndication->psfActiveSet) != 1)
+       }
+       if (StoreSFParam(Adapter, (PUCHAR)&pstAddIndicationAlt->sfActiveSet, (ULONG)pstAddIndication->psfActiveSet) != 1) {
+               kfree(pstAddIndication);
                return 0;
+       }
 
        pstAddIndication->psfActiveSet = (stServiceFlowParamSI *)ntohl((ULONG)pstAddIndication->psfActiveSet);
 
@@ -1844,7 +1857,7 @@ BOOLEAN CmControlResponseMessage(PMINI_ADAPTER Adapter,  /* <Pointer to the Adap
                                Adapter->PackInfo[uiSearchRuleIndex].bActive = FALSE;
                                Adapter->PackInfo[uiSearchRuleIndex].bValid = FALSE;
                                Adapter->PackInfo[uiSearchRuleIndex].usVCID_Value = 0;
-                               kfree(pstAddIndication);                                
+                               kfree(pstAddIndication);
                        } else if (psfLocalSet->bValid && (pstChangeIndication->u8CC == 0)) {
                                Adapter->PackInfo[uiSearchRuleIndex].usVCID_Value = ntohs(pstChangeIndication->u16VCID);
                                BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "CC field is %d bvalid = %d\n",