Free the memory allocated in scan() on the error path.
Also add a NULL check before accessing the allocated memory.

Signed-off-by: Ajay Singh <ajay.kat...@microchip.com>
---
 drivers/staging/wilc1000/wilc_wfi_cfgoperations.c | 62 +++++++++++++++++------
 1 file changed, 46 insertions(+), 16 deletions(-)

diff --git a/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c 
b/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
index 9d8d5d0..b784e15 100644
--- a/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
+++ b/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
@@ -582,6 +582,49 @@ static int set_channel(struct wiphy *wiphy,
        return result;
 }
 
+static inline bool
+wilc_wfi_cfg_alloc_fill_ssid(struct cfg80211_scan_request *request,
+                            struct hidden_network *ntwk)
+{
+       int i = 0;
+
+       ntwk->net_info = kcalloc(request->n_ssids,
+                                sizeof(struct hidden_network), GFP_KERNEL);
+
+       if (!ntwk->net_info)
+               goto out;
+
+       ntwk->n_ssids = request->n_ssids;
+
+       for (i = 0; i < request->n_ssids; i++) {
+               if (request->ssids[i].ssid_len > 0) {
+                       struct hidden_net_info *info = &ntwk->net_info[i];
+
+                       info->ssid = kmemdup(request->ssids[i].ssid,
+                                            request->ssids[i].ssid_len,
+                                            GFP_KERNEL);
+
+                       if (!info->ssid)
+                               goto out_free;
+
+                       info->ssid_len = request->ssids[i].ssid_len;
+               } else {
+                       ntwk->n_ssids -= 1;
+               }
+       }
+       return true;
+
+out_free:
+
+       for (; i >= 0 ; i--)
+               kfree(ntwk->net_info[i].ssid);
+
+       kfree(ntwk->net_info);
+out:
+
+       return false;
+}
+
 static int scan(struct wiphy *wiphy, struct cfg80211_scan_request *request)
 {
        struct wilc_priv *priv;
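Review bot: The kcalloc() in wilc_wfi_cfg_alloc_fill_ssid() sizes each element as `sizeof(struct hidden_network)`, but the array is indexed as `struct hidden_net_info` a few lines later, so the buffer is only the right size if the two structs happen to match; `kcalloc(request->n_ssids, sizeof(*ntwk->net_info), GFP_KERNEL)` ties the size to the element type. Separately, an empty SSID decrements `ntwk->n_ssids` but still consumes slot `i`. A consumer that walks the first `n_ssids` entries (not visible here) would then see a NULL `ssid` and miss a later filled entry; a separate slot index that advances only after a successful kmemdup() would keep the count and the layout in agreement. On the `out_free` path `ntwk->net_info` is freed but not reset, so adding `ntwk->net_info = NULL;` after the kfree() avoids leaving a dangling pointer in the caller's struct.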
@@ -606,23 +649,10 @@ static int scan(struct wiphy *wiphy, struct 
cfg80211_scan_request *request)
                        scan_ch_list[i] = 
(u8)ieee80211_frequency_to_channel(request->channels[i]->center_freq);
 
                if (request->n_ssids >= 1) {
-                       hidden_ntwk.net_info =
-                               kmalloc_array(request->n_ssids,
-                                             sizeof(struct hidden_network),
-                                             GFP_KERNEL);
-                       if (!hidden_ntwk.net_info)
+                       if (!wilc_wfi_cfg_alloc_fill_ssid(request,
+                                                         &hidden_ntwk))
                                return -ENOMEM;
-                       hidden_ntwk.n_ssids = request->n_ssids;
-
-                       for (i = 0; i < request->n_ssids; i++) {
-                               if (request->ssids[i].ssid_len != 0) {
-                                       hidden_ntwk.net_info[i].ssid = 
kmalloc(request->ssids[i].ssid_len, GFP_KERNEL);
-                                       memcpy(hidden_ntwk.net_info[i].ssid, 
request->ssids[i].ssid, request->ssids[i].ssid_len);
-                                       hidden_ntwk.net_info[i].ssid_len = 
request->ssids[i].ssid_len;
-                               } else {
-                                       hidden_ntwk.n_ssids -= 1;
-                               }
-                       }
+
                        ret = wilc_scan(vif, USER_SCAN, ACTIVE_SCAN,
                                        scan_ch_list,
                                        request->n_channels,
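Review bot: Only an allocation failure inside wilc_wfi_cfg_alloc_fill_ssid() is cleaned up at this call site; once the helper succeeds, nothing in the hunk releases `hidden_ntwk.net_info` or the per-entry `ssid` buffers if wilc_scan() returns an error. Whether wilc_scan() takes ownership of the array on failure is not visible here, so that should be confirmed. If it does, a comment above the call such as `/* wilc_scan() takes ownership of hidden_ntwk.net_info, also on failure */` would record the contract; if it does not, the entries and the array need to be freed when `ret` is non-zero. scan() begins before this hunk and continues past it.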
-- 
2.7.4
