* [PATCH] Fix possible memory leak in function cfg80211_bss_update
@ 2021-06-26 20:57 Nguyen Dinh Phi
0 siblings, 0 replies; only message in thread
From: Nguyen Dinh Phi @ 2021-06-26 20:57 UTC (permalink / raw)
To: johannes, davem, kuba
Cc: linux-wireless, netdev, linux-kernel, linux-kernel-mentees
When we exceed the limit of BSS entries, this function will free the
new entry, however, at this time, it is the last door to access the
inputed ies, so these ies will be unreferenced objects and cause memory
leak.
Therefore we should free its ies before deallocating the new entry, beside
of dropping it from hidden_list.
These stuffs could be done by using bss_free function.
Signed-off-by: Nguyen Dinh Phi <phind.uet@gmail.com>
---
net/wireless/scan.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index f03c7ac8e184..b5f62bbe539a 100644
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -1761,9 +1761,7 @@ cfg80211_bss_update(struct cfg80211_registered_device *rdev,
if (rdev->bss_entries >= bss_entries_limit &&
!cfg80211_bss_expire_oldest(rdev)) {
- if (!list_empty(&new->hidden_list))
- list_del(&new->hidden_list);
- kfree(new);
+ bss_free(new);
goto drop;
}
--
2.25.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2021-06-26 20:58 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-26 20:57 [PATCH] Fix possible memory leak in function cfg80211_bss_update Nguyen Dinh Phi
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).